Home Assistant is often not accessible from outside, when using the mobile network. VPNs or external Networks work just fine

Configuration
1

Home Assistant is often not accessible from outside, when using the mobile network. However, as soon as I use a VPN or connect to a foreign Wifi, it works again and always 100% reliably. Sometimes I can also access Home Assistant from the mobile network. But how long that works is pure luck. Sometimes it works for a few days, sometimes just only a few minutes and the reconnection fails.
The app then gives me the error

NSURLErrorDomain -1003.
As soon as I connect with an external wifi, the issue is gone and I can connect again.

My Domain is https://homeha.xxxx.synology.me:8123
The configurations from Synologys Reverse Proxy Rule:

Bildschirmfoto 2022-07-13 um 15.08.03
Bildschirmfoto 2022-07-13 um 15.08.031198×1118 117 KB

Bildschirmfoto 2022-07-13 um 15.02.34
Bildschirmfoto 2022-07-13 um 15.02.341158×468 71.6 KB

Bildschirmfoto 2022-07-13 um 15.02.41
Bildschirmfoto 2022-07-13 um 15.02.411132×688 132 KB

In my configuration.yaml is the following:

http:
  server_port: 8123
  ip_ban_enabled: true
  login_attempts_threshold: 10
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.17.0.1 #Found this on the internet. Should be always in?
    - 10.220.60.5 #Synology
    - 10.220.60.20 #Router

Can someone spot something fishy that my cause this problems?

PS: I still have an IPv4 address to my connection.

2

Hey, I’m using the same setup on my NAS, reverse proxy & Synology cert/external domain name.
Did you ever find a solution?

The strange thing for me is that sometimes (not very often) it works for both me and my partner externally on mobile data. More often than not though I’m getting:

“A server with the specified hostname could not be found.
NSURLErrorDomain -1003”

(Btw, if you didnt realise, 172.17.0.1 is fine, it means “this device” it’s the loop back address for the local device that it’s running on.)

I have other things configured to use the remote proxy and they all work fine with the same url/different sub domain, so I dont think this is a DNS issue with the provider/cert.
However we experience the same, if on a foreign WiFi it’s fine.

It’s bizarre, at the same I have this issue my other services are working.

3

Since you are using some sort of proxy you have to ensure that websockets are forwarded correctly. If they are not the typical 60s loop occurs.

Example for Apache (ProxyPass):

        # Websockets
        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} websocket               [NC]
        RewriteRule /(.*)           ws://localhost:8123/$1  [P]

This part is only for rewriting the WebSockets. Below is the ProxyPass part:

        # Proxy Pass
        ProxyRequests On
        SSLProxyEngine On

        ProxyPass / http://localhost:8123/
        ProxyPassReverse / http://localhost:8123/
        ProxyPreserveHost On
        AllowCONNECT 8123