Home Assistant Remote Access Questions

For several days I’ve been reading through this great guide (https://www.home-assistant.io/docs/ecosystem/certificates/lets_encrypt/ by @anon43302295) trying to understand all the parts involved in being able to access Home Assistant when I’m away. I’m a little confused about getting all the parts to play nicely.

I am running the Hassbian version of Home Assistant release 65.6
NETGEAR R6900v2 router

Step 1 - Static IP - I use DHCP Address Reservations in the router. HA works when I type 192.168.1.10:8123. Should I change to the way the example outlines, or is DHCP Address Reservation OK?

Step 2 - Port Forwarding - set up port forwarding in my router for 8123 to 8123.
Verified the rule was added. MyIP.com returns abc.abc.abc.abc
When I type in http://abc.abc.abc.abc:8123 the browser returns ERR_CONNECTION_TIMED_OUT

The router lists an internet port with a totally different IP Address 123.123.123.123
This IP works if I’m connected to wifi but not when I disconnect.

Are there other settings I should be checking to resolve this?
Thanks in advance for anyone’s help.

I think you need to get your port forwarding corrected. I think in Step 2, you need to make sure external port is forwarded to the internal ip address and port, not just port.

Step 2 - forward your external port of 8123 to be forwarded to 192.168.1.10:8123

Thanks for quick response, Yep…port & internal ip address good

DHCP reservation is fine, so long as you have an internal IP address that doesn’t change.

Try the external ip address your router says, maybe?

What are the first 2 sets of numbers of the router’s WAN (Internet) IP?

If it looks like 10.x, or 192.168. or 172.16. through 172.31. then you can’t reach your network from outside of it.
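The check described in the post above, written out as an added example (not part of the original thread): compare the router's WAN address with the address a "what is my IP" site reports. The `100.64.0.0/10` carrier-grade NAT range goes beyond the ranges listed in the thread, and the sample addresses are constructed.

```python
import ipaddress

# Private ranges named in the thread (RFC 1918).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Added beyond the thread: shared address space used for carrier-grade NAT (RFC 6598).
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify(ip):
    """Return 'private', 'cgnat' or 'public' for an IPv4 address string."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this check only covers IPv4 addresses")
    if any(addr in net for net in RFC1918):
        return "private"
    if addr in CGNAT:
        return "cgnat"
    return "public"


def diagnose(router_wan_ip, seen_from_internet):
    """Decide whether a port forward on this router can be reached from outside.

    router_wan_ip      -- the Internet/WAN address shown on the router status page
    seen_from_internet -- the address an external 'what is my IP' service reports
    """
    wan_kind = classify(router_wan_ip)
    if wan_kind != "public":
        return ("upstream-nat",
                f"WAN address {router_wan_ip} is {wan_kind}: another NAT sits "
                "between the router and the Internet, so forwarding a port on "
                "this router alone cannot expose Home Assistant.")
    if ipaddress.ip_address(router_wan_ip) == ipaddress.ip_address(seen_from_internet):
        return ("direct",
                "WAN address is public and matches what the Internet sees: "
                "a port forward on this router is reachable from outside.")
    return ("mismatch",
            "WAN address is public but differs from the address seen outside: "
            "traffic leaves through another NAT, proxy or VPN.")


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    for wan, seen in [("10.20.30.40", "203.0.113.7"),
                      ("100.64.12.5", "203.0.113.7"),
                      ("203.0.113.7", "203.0.113.7")]:
        print(wan, seen, *diagnose(wan, seen), sep=" | ")
```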

I do fall within those ranges. Does that mean the ISP is blocking me?

Thank you all for your responses and help.

Someone can correct me if this is wrong, but I believe once you have SSL turned on it will only allow an HTTPS connection. Your port forwarding should be 443 to 8123. You will now only be able to connect using your HTTPS address, which by default uses port 443 (so you no longer need a port number at all because the https in your address forces it to use 443).

Not technically blocking, but the end result is the same. Those address ranges are what’s known as private network ranges. It’s not possible to route connections to those ranges from the public Internet.

HTTPS in no way forces the use of 443. It does use 443 by default, but you can still use 8123, or 1234, or any other port you want to use that’s not already in use. All you have to do is specify it.

I’m not familiar with carrier NAT, is there any solution for people in this situation (vpn or something)? I’ll update the guide.

There’s a TOR add-on for Hass.io that’ll solve it, and the cloud component to allow Alexa/Google Home integration in these situations.

The other, slightly more complicated, option would be:

  1. Set up a low end virtual machine on a cloud provider (Digital Ocean, Google Cloud, AWS, Azure, etc)
  2. Install PiVPN (or your other choice of VPN software), a reverse proxy server (HA Proxy, Caddy, etc), and if you have a dynamic Internet IP some form of dynamic DNS update client on it. Your LetsEncrypt configuration lives here too.
  3. Install your OpenVPN client (or whatever works with your VPN server) on your HA server, and set it to auto start
  4. Configure the proxy server, optional dynamic DNS client etc

That’ll give you a public endpoint that can be reached, and a tunnel from your Home Assistant system to that endpoint.

OK, cheers, I’ll update the guide when I get chance :+1:

Wow, and I thought my head was spinning before!

Discussed this issue with my ISP and they offer Public IPs for an additional 15/month.
I found this site which offers up a nice explanation of what I am experiencing http://www.remoterig.com/wp/?page_id=3494

I will need to read more about TOR before I try that route. Can it be installed on Hassbian?

Thanks again for explaining this to me.

You need to use a domain name with a certificate aka FQDN. Look at the DuckDNS component in conjunction with LetsEncrypt. With that you access your HA with xxxx.duckdns.org without the need of a public IP as DuckDNS component updates automatically.

https://www.splitbrain.org/blog/2017-08/10-homeassistant_duckdns_letsencrypt

Here is a guide worth looking at. :sunglasses:

But his ISP isn’t giving out a publicly routable IP address that he can link his DuckDNS to. That’s his problem. My ISP does some NAT magic and gives my 4G connection a non-routable IP address as well. DuckDNS doesn’t help in that situation. In my case, as I have a business plan, I can request a real IPv4 address, but I haven’t bothered as my internet is pretty stable anyway.

This is how some ISPs get around the shortage of IPv4 addresses.

If you have an always-on computer, Chrome Remote Desktop could be used. It can cross non-routable networks double NAT. I suppose a Pi would work, although I haven’t tried. The Pi would need a desktop, so Hassbian would be a small problem. Can be used from Android and iOS devices to Linux, Mac and Windows computers.

Yes you can. The Hassio package simply makes it trivial to get up and running.