Home assistant Access blocked from egypt

What I wonder if HA could make use of tailscale when added as an add-on integration, configured and another host (for example outside of egypt) acting as exit-node :thinking:

Tried it (the 1.1.1.1), but doesn’t seem to make any difference.

However, this ‘supervisor.exceptions.StoreJobError: ‘GitRepo.pull’ blocked from execution, no supervisor internet connection’ from the log makes me wonder whether we couldn’t get a long way if the supervisor online check would be based on a file check on another, non-homeassistant and thus non-blocked, site ?
Because once past the online check supposedly the github repo is not being blocked as such … ?

I tried this morning access Home-assistant and it’s back to work, could you please confirm!

Hello All
fortunately, the home assistant could be accessed from Egypt now after 10 days of blocking. :partying_face:
However, through this time i found a few tips to workaround this issue or with similar ones (ex.: the website is down,…). These tips are depends on VPN as following:
1- Download one of these VPNs Windscribe VPN which offer 10 GBs free or expressvpn with low price
2- Use the windows hotspot to share the internet with VPN with other devices guided with this Link
3- Connect the home assistant server to the sharing device (PC or laptop) through wifi or ethernet but wifi is easier. If you are using rasspberry pi and installing it you have to add a wifi configuration after writing the image and add " my-network " in the following directory:
image
then write down this configuration:

[connection]
id=my-network
uuid=a7cb6f7e-aea8-41ca-91e9-e3cc814248ea
type=802-11-wireless
 
[802-11-wireless]
mode=infrastructure
ssid=MY_SSID
# Uncomment below if your SSID is not broadcasted
#hidden=true
 
# Comment out this section if you have an open/public network that does not use a password
[802-11-wireless-security]
auth-alg=open
key-mgmt=wpa-psk
psk=MY_WLAN_SECRET_KEY
 
[ipv4]
method=auto
# Uncomment below if your using a static IP address and comment out the above method=auto
# You can set the IP address to what you like
#method=manual
#address=192.168.1.111/24;192.168.1.1
#dns=8.8.8.8;8.8.4.4;
 
[ipv6]
addr-gen-mode=stable-privacy
method=auto

this Video will describe this steps in details
4- It is recommended to change DNS server to 8.8.8.8 and location to the connected server in order to download addons

1 Like

You can set up a VPN in most routers too.

‘Most’ routers sounds overoptimistic :smirk:
Apart from the fact that lots of people (at least in Europe) don’t have any significant access to their provider-provided routers 😮‍💨

If your ISP does not let you BYOD get another ISP. Or just install a cheap router behind theirs, like the Edgerouter-x.

Or if you already have your own router and it does not have VPN functionality built in check if you can load up OpenWRT: https://openwrt.org/toh/start

That might be only possible in countries where consumers have the right to use their own hardware. For example germany has this as law since 2016, they call it something like “end-device freedom” and forces the ISP to provide technical details (specially usernames, passwords, etc.) to get your own router working. :unlock:

Luckily always possible but a pain because it needs to be powered (typically) for 24-7 which most people need to pay for. :money_with_wings:

In Germany they calculated the eneregy costs of 8.5 million euros :moneybag: per ano for people running their own routers (behind the ISP one) prior to the new law (and right) to use your own device directly :bowing_man:

:100:

The EdgerouterX draws about 3W. Which would be about $5 a year here.

You are quite lucky then where you are :wink: (probably a country with lot’s of renewable energies and little to no imports). :sunny:

Depending on your location you can easily pay double or triple the amount you are paying per kilowatt hour. :money_with_wings:

Running a ESP for example for one year contentiously (1W) here surpasses the costs of buying it already :zap:

Unfortentately this issue appeared again in Egypt !!!

yes, same here

Hello. Long time HA user in Egypt.
Nobody is blocking Home Assistant in Egypt.
Run a tracert or traceroute (depending on your OS) to home-assistant.io and you will see that you can reach as far as Japan without any problems.
This means the problem is somewhere with one of TE Data’s upstream providers and not TE Data itself.

I am from Egypt.
no access to the site. VPN does not help, as all VPN traffic is also blocked.
WARP from cloudflare works on a computer and Internet distribution from this computer.

so how do you work around this …I can not move forwrad with the installation. im on ras-pi with LAN only

since this is not a block and might be some false node block …why not HA add a new domain till that is solved?

1 Like

This would be a great solution but I don’t know how easy / feasible it is for HA to implement. I’ve been using HA for about 5 years now and problem has been happening more often the past 12 months or so. This specific episode has been happening for about 2 weeks now. I’m in the process of setting up an additional VLAN on my router for the sole purpose of connecting to a purpose-built VPN on AWS just for HA but it really should not be this difficult. When this problem happens restarting HA takes no less than 45 minutes and it cannot get updates or install add-ons because it thinks hassos has no internet. @frenck is there anything HA or Nabu Casa can do to help?

Hello and Ramadan Kareem,
I am from Egypt too and have the same problem that my Home Assistant running on Virtualbox on win11 halted on on-boarding screen with error manager.update blocked from execution but found a workaround (by try and error) and here is what I do:

  1. Setup a VPN (I am using PaladinVPN) and connect to any country

  2. while your VM powered off use NAT as network adapter from Vritualbox settings

  3. Run your VM and once Home Assistant CLI is ready type network info and you should get this

  4. As you see here that host_internet and supervisor_internet is true

  5. Now you can update the supervisor or core from CLI using commands like su update but you can’t access the Lovelace dashboard.

  6. Now change the network adapter back to bridged while VM is running, host_internet and sometimes supervisor_internet should remain true

  7. Now you can access the Lovelace dashboard and download addons or update as usual

Note: if you got hassio error or addons setting doesn’t load successfully restart Home Assistant.

im on home assistant on raspberry pi…any workaround?

Is your ISP actively blocking access to the HA mothership(s) or is your ISP hijacking your DNS traffic?

Living in a somehow restrictive country too when it comes to internet freedom I have found that all ISPs here are obliged to use lists provided by the ministry of telecommunications where some technocrats decide which sites people are allowed to access and which they are not allowed to access. Those lists often seem to be quite arbitrary and show that the officials behind it have little to no clue what they are doing.

Although you might think you have configured the DNS Servers you have chosen (i.e. 8.x.x.x or 1.1.x.x) the ISPs are silently hijacking all traffic going through UDP port 53 which is used for DNS resolution and reroute those requests to their DNS servers! This is also called “Transparent DNS proxying”.

One way to find out is to check through a site like “DNS leak test”. It will show you which DNS servers are really used behind the scenes.

If your ISP is doing DNS hijacking you can register with a DNS provider who offers DNS traffic through other than port 53. I.e. Smart DNS Proxy or Unlocator).

Now install i.e. Pi-Hole on an old RPI (even a RPI3 is more than sufficient) and use the alternate UDP ports with the DNS servers provided by i.e. one of the above DNS providers. Now configure your LAN/router to use the Pi-Hole for DNS resolution and you should be good.

Using such a setup here for ~10 years without any problems.