HomeAssistant DuckDNS and Let's Encrypt Help - Ports

Configuration
1

Hi Guys,

I’m trying to install remote access for my HA. It’s running core on a Rasp Pi 3B and works perfectly both on the internal network and when using Nabu Casa’s one-month trial.

Now I’m trying to set it up for remote access with DuckDNS and Let’s Encrypt (and eventually using NGINX SSL Proxy to remove the local access “issues”).

I’ve been following a number of guides, but probably the most succinct at explaining what I’ve done to date is this one:

Steps so far:

  1. Sign up for DuckDNS, and checked that it’s using the right public IP via whatismyipaddress.com.
  2. Install DuckDNS add-on into HA, accepting the terms, copying across the token, and adding the html tags into my configuration.yaml.
  3. Testing DuckDNS and have found it to be running perfectly (obtains SSL cert, etc) via the logs, and have watched it update my IP automatically when my ISP does both in the duckdns website and the HA logs.
  4. Refreshed page in browser and can see that it doesn’t work - switched url to https: and I can now get back into HA.
  5. Port forwarding time - this is where I’m getting stuck.

I’ve gone into my router settings (Asus RT-AC58U), gone to WAN>Port Forwarding and added in the rule to port external 443 to 8123. I was initially concerned that using a pi-hole for my DNS would be a problem but after some searching within these forums, I’ve found that not to be a concern (however confirmation here would always be appreciated!).

image
image958×718 87.6 KB

When trying to access {my-domain}.duckdns.org or {my-domain}.duckdns.org:8123 or {my-domain}.duckdns.org:443 (I know those last two shouldn’t work but I’m spamming all the options now…) I simply get a timeout. I do this on my phone when not connected to the home wifi.

I’ve been using yougetsignal. com / tools / open-ports / to test against my public IP to see if port 443 is open. I’ve also tried this with {my-domain}.duckdns.org.

I can’t think of how to test further to determine what’s blocking my connection/port.

Finally, I have seen on some guides that the Home Assistant URL (Configuration>System>Network) setting needs to be filled out but I haven’t been able to effect any change by doing so and presumed it was something to tackle when setting up the SSL proxy after I’ve actually established remote connection.

Any help/ideas are much appreciated.

Cheers
Dave

2

Solved my problem: my ISP has moved over to CGNAT. Confirmed by looking at the public IP from google being different from the public IP on my router.

I’ve since got a static IP assigned and everything’s working perfectly.