IOS External Notifications Not Working

Hi Everyone, Hoping someone can point me in the right direction to fix an IOS HA Companion App Notification issue. The issue is that I cannot receive external notifications to my iPhone 7+ via “notify.mobile_app_x” nor “notify.notify” processing. I am receiving internal notifications just fine using both the same methods, but when I turn my WiFi off on my phone (e.g. external mode) I get no notifications at all from HA to the Companion App.

I can control my Home Assistant externally (phone wifi off) just fine via the https://xxx.duckdns.org:8123 link - turn on/off lights, view all dashboards, arm/disarm Alarmo, etc. No form of notifications work in this mode (e.g. notify.mobile_app_todds_iphone OR notify.notify). I see the “Rate Limits” value count dropping (in Companion App Notifications) for each message that I try to send. I do not see any messages in the Companion App Event Log related to notifications (only location updates from the past).

I can control my Home Assistant internally (phone wifi on) just fine via the http://192.168.x.x:8123 link - turn on/off lights, view all dashboards, arm/disarm Alarmo, etc. I can also send and receive ALL notifications to my iphone 7 (via notify.mobile_app_todds_iphone OR notify.notify). I can also play built-in sounds, display critical type messages, display messages with events, etc just fine.

With iPhone Wifi OFF, the Companion App status shows: Connected via “External URL”, Version “2023.6.2”, Websocket “Connected”, Local Push “Disabled”, Logged in as “Todd xxx”.

With iPhone Wifi ON, the Companion App status shows: Connected via “Internal URL”, Version “2023.6.2”, Websocket “Connected”, Local Push “Available(1)”, Logged in as “Todd xxx”.

IOS iPhone 7 Setup:

• Apple iPhone 7+, running IOS 15.7.6
• Note iPhone 7 will not update to IOS 16 due to old hardware.
• Companion App installed, version 2023.4 (2023.460)
  internal url = http://192.168.x.x:8123, Local Push enabled
  external url = https://xxxx.duckdns.org:8123
  device name = todds_iphone
• All iPhone “Focus” profiles have Home Assistant in the Apps settings to allow access. Note that no focuses are enabled for any of my testing.

Home Assistant Setup:

• Runs on a Raspberry Pi3B
• Home Assistant 2023.6.2
• Supervisor 2023.06.2
• Operating System 10.3
• frontend 20230608 - latest
• I am not using Home Assistant Cloud
• Addon DuckDns with LetsEncrypt enabled, default (none) ipv4 and ipv6 values

domains:
  - xxxx.duckdns.org
token: xx-xx-xx-xx-xx
aliases: []
lets_encrypt:
  accept_terms: true
  algo: secp384r1
  certfile: fullchain.pem
  keyfile: privkey.pem
seconds: 1800

• Addon NGINX, network exposed port = 443

domain: xxxx.duckdns.org
hsts: max-age=31536000; includeSubDomains
certfile: fullchain.pem
keyfile: privkey.pem
cloudflare: false
customize:
  active: true
  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf

nginx_proxy_default_fix_ingress.conf contents:

# used by NGINX 
# Fixes issues with addons using their own web server (e.g. ESPHome, etc).

location /api {
    proxy_connect_timeout 60;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_intercept_errors off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header Host $host:8123;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://homeassistant.local.hass.io:8123/api;
}

Netgear Router Port Forwarding:

• External start port = 8123, External end port = 8123
• Internal start port = 443, Internal end port = 443, Internal IP address = 192.168.x.x

Message notification yaml example - works fine when run internal, but does not work external. Same results if I use “notify.notify” as well:

alias: Notify App - Welcome Home Todd
description: >-
  Causes a Welcome Home voice sound to be played on a mobile device when the
  specified person has come home.
trigger:
  - platform: state
    entity_id:
      - person.todd
    to: home
condition: []
action:
  - service: notify.mobile_app_todds_iphone
    enabled: true
    data:
      title: Welcome Home
      message: Welcome Home!
      data:
        push:
          sound:
            name: US-EN-Alexa-Welcome-Home.wav
            volume: 1
mode: single

I hope it’s something simple in my configuration that I am overlooking. Maybe a firewall port needs to be opened somewhere? NGINX config maybe?

I appreciate your time and consideration.

Thanks - Todd

If you get off your internal network then can you access the external rL without the port of 8123 rapt the end?

HTTPS by default should be 443 so that port is not needed.

Hi Rick - thanks for the suggestion to use port 443.

I re-configured everything to utilize 443 instead of the 8123 on my external link, and it appears to be working. I also completely removed / reinstalled the HA Companion App from my iPhone, as well as deleted the entry for my phone in the HA Mobile App integration. Something in this process fixed the issue.

Fingers crossed it keeps working - my phone is getting old!

Thanks again!

Does it still work. Did you find out the specific problem?

I am struggling with the same issue on my iPhone 7. I have reinstalled the Ios app integration in HA…

This is my app settings:
internal url = https://homeassistant.local:8123
external url = [https://xxxx.duckdns.org]

 - service: persistent_notification.create # Works
 - service: notify.notify # Does not works
 - service: notify.me # Does not works

Yes, still working fine. My companion app settings:
device name = Johns iPhone IOSApp
internal url = http://192.168.1.<nnn>:8123
external url = https://<yourduckdnssubdomain>.duckdns.org

Also, I only use the following service for my notifications:
service: notify.mobile_app_johns_iphone_iosapp

Note I just run http (unencrypted) on my local network. I don’t think the ipv4 (e.g. 192.168…) versus dns alias (e.g. homeassistant.local) matters.

I also added the following lines to the HA configuration.yaml file.

homeassistant:
  external_url: https://<yourduckdnssubdomain>.duckdns.org    # use standard HTTPS port 443 for external access.
  
# options to support NGINX SSL Proxy server.
http:
  use_x_forwarded_for: true     # To ensure HA understands that client requests come via reverse proxy.
  trusted_proxies:
    - 192.168.1.0/24            # add IP address of the proxy server.
    - 172.30.33.0/24            # add IP address of docker container.
    - 172.30.32.0/24            # add IP address of docker container.
    - 127.0.0.1                 # Add the localhost IPv4 address
    - ::1                       # Add the localhost IPv6 address    
  ip_ban_enabled: true          # enable automatic IP ban ... 
  login_attempts_threshold: 5   # after 5 failed login attempts.

** DuckDNS Configuration YAML**

domains:
  - <yourduckdnssubdomain>.duckdns.org
token: <yourduckdnstoken e.g. xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx>
aliases: []
lets_encrypt:
  accept_terms: true
  algo: secp384r1
  certfile: fullchain.pem
  keyfile: privkey.pem
seconds: 1800

Here’s some automation I setup to remind me that external access is working. You can disable it after you ensure everything is working.

alias: Notify App - External Access Heartbeat
description: >-
  Sends a notification to the specified mobile app device at 11 am when the
  device is not at home.  This indicates to the user that the external access is
  working correctly.
trigger:
  - platform: time
    at: "11:00:00"
condition:
  - condition: template
    enabled: true
    alias: Confirm iPhone Device is NOT at home
    value_template: "{{ not is_state('person.john_smith', 'home') }}"
action:
  - service: notify.mobile_app_johns_iphone_iosapp
    enabled: true
    data:
      title: External Access Heartbeat
      message: External access is working if you received this.
      data:
        push:
          sound:
            name: default
            critical: 0
            volume: 0.1
mode: single

Thanks for sharing!

Tried it out on my backup iPhone (SE) with IOS 17. And it worked as it should. Decided to transition to the SE with only 64 G from my 7 with 128G…

No worries. It took me a few tries to finally get it right. I think it had something to do with the DuckDNS configuration and the “trusted_proxies” entries for me, rather than the Companion App settings. Hope it helps.
Thanks - Todd

I have a sort of similar issue when my iPhone is not connected on the local WiFi, i.e. same network as HA, but not related with Notifications as such, instead related to Companion App iOS actions.

The HA runs as a VM on a Synology NAS, and I use the Synology Reverse Proxy for any certificate management and forwarding. My iPhone https connects to the HA externally (i.e. when I am outside of my local WiFi) fine using an external URL with custom port (e.g. 1234). WebSocket is connected. So external access works fine when I use my iPhone HA App or a browser, I can control anything I want, I can get notifications etc.

However, any action I added from HA iOS Companion App menu and I trigger from my Apple Watch or CarPlay, when the phone is not connected on the WiFi, never seems to reach the HA, or better does not get triggered. When the iPhone is connected to the local WiFi same exact actions on Apple Watch or CarPlay work fine. The other strange observation is that when iPhone is not connected on the WiFi if I go to CarPlay Areas section I can control anything included there. So problem seems to be exclusive to Companion App actions on Apple Watch/Car Play ONLY when iPhone is not connected on the local WiFi.

I cannot and tbh dont want to use default https port 443 for external access to the HA, as this is used by default on my UniFi UDM-Pro for direct access to that. So currently using a more random port for external https access which I mentioned above seems to work fine from the HA iOS App.

Any guidance would be much appreciated, thank you!

@VasMan - PM’ed you.