HTTPs behind CGNAT

Yeah. Using the duckdns addon, you’ll get a valid certificate for the duckdns domain.
As I said, you’ll then have to manage “a” local DNS to point that duckdns domain name to your HA local IP.

it does show me my wan ip correctly but doesn’t work beyond it

You don’t care about duckdns. You just need a valid (public, recognized and accepted by chromecast) certificate for HA.

yes that the idea. how to work it out is the probem.

this is how webhook log looks like


bucket list. but when I access it it turns up blank

I don’t use it. You would be better off asking in the topic I linked to.

Do you have IPv6 available?

my ISP is evil, they provide FTTH but have applied CGNAT. Haven’t enabled ip6 either

Your in luck :slight_smile: I’ve managed to work around this successfully. Currently in the process of writing a couple of blog posts about exactly the same subject. Part 1 can be found here. Should hopefully have Part 2 up by early next week.

everything in it is free?

Your blog has pictures, but they don’t show.

1 Like

The AWS element although can be run on a Free tier for a while, will cost a small amount of money once that has finished (12 months free for the correct EC2 instance size), although it may have some bandwidth costs in addition.

That’s odd, they work for me, this is a new blog so it may be DNS propogation taking time, please check in a day or two hopefully should work without issue for you also, was changing a number of things last night.

EDIT: Scrap that, found the problem. Should be fixed now if not soon, was a missing DNS record :man_facepalming:

waiting for part 2.

waiting for part2

Since Tailscale has enabled HTTPS/TLS certificates, can anybody confirm if we can use it for assessing Https behind a CGNAT? Enabling HTTPS · Tailscale

No more nor less than before.
You still need to be connected to the tailscale VPN, which is itself encrypted, so in the case of HA, that doesn’t change anything.

actually, I want to solve the original problem, play camera on TV using homeassistant. With new media action, I can play any media and Radio/TV channel on TV successfully but can’t play generic camera. it only displays a Chromecast icon on TV.

Hi use ipv6 on Duc, even my isp uses cg-nat I am using ipv6 as a work around.

how to modify this method for local HTTPS certificate?

============================

Worked for me

https://theprivatesmarthome.com/how-to/set-up-nginx-proxy-manager-in-home-assistant/