Local and remote access by single URL

I have home assistant set up and very much enjoying it but the biggest pain so far seems to be getting the network settings correct!

So far I have duckdns setup and port forwarding so that externally I can access via https://myurl.duckdns.org but I still need to use https://192.168.2.21:8123 when I am at home. Ideally I would like to use https://myurl.duckdns.org from everywhere.

I had tried using dnsmasq to some success, but then I still had to use port 8123 locally instead of 443 and it also seemed to completely kill my connection to wink.

At the moment on my phone I have just used a bunch of tasker shortcuts that automatically swap out the url based on if I am connected to my wifi or not, but this is extremely limiting!

Can anyone help get me to the ideal situation? If there are multiple extra components required or if I need to have specific features on my router or anything like that?

1 Like

What I have done for my setup is told my router to forward all requests for home.smccloud.com to 172.16.6.11, however this will not forward the port. You’d have to setup a reverse proxy in Hass.io to get it to forward 443 to 8123. For me it doesn’t matter because 443 is forwarded to another network device.

I use duckdns and dnsmasq to accomplish exactly this same behavior.

In the dnsmasq config you should have a line like:
address=/myurl.duckdns.org/192.168.2.21

This way, when a host on the network looks up myurl.duckdns.org, they are returned the LAN IP and not the WAN IP.

Instead of forwarding 443 to 8123 in your firewall rule, can you forward 8123 externally? With this setup, you should be able to use https://myurl.duckdns.org:8123 to access the interface on the LAN or WAN.

Unfortunately, my router doesn’t have ability to forward a specific requests like that it seems.

If I could get it to work with both on 8123 that would be an improvement, but when I had dnsmasq set up it seemed to stop wink from connecting so then I couldn’t use any of my lights!

Ideally, I would use 443 instead of 8123 as my workplaces network blocks non standard ports so then I’d not be able to access from the office.

You can change the port using server_port in the http component:

# Example configuration.yaml entry
http:
  server_port: 443
1 Like

I don’t believe you can set this to 443 though can you? I thought it couldn’t use standard ports…

is you use this command you dont have port forward in your router settings?

Just tried it and it works perfectly fine using port 443 :+1:

You always have to forward some port to hass.io regardless of which one you are using :slight_smile: stenvey just mentioned he isn’t able to connect to non standard ports from his office.

so you use 2 ports for port forwarding in your situation?

When setting server_port to 443 you basically tell hass.io to use that port instead of 8123. So you don’t need to forward 8123 anymore when setting server_port to anything else.

You’re absolutely right, that worked fine… I must have done something wrong when I tried that before, thanks!

Now if I can get local dns working via dnsmasq or some other method without messing up my wink accessibility I’ll be in business!

You could check if your router supports NAT Loopback to make your duckdns work from within your home network if you want to avoid setting up a local DNS server…

Unfortunately my router is a piece of garbage and doesn’t support anything useful!

So I have set up dnsmasq in hassio and it works fine in terms of allowing me to use the same address inside and outside, but it seems to be blocking home assistant from connection to any remote services. Wink and Chamberlain both stop working as soon as I turn it on and start working again if I turn it off. Am I doing something wrong with the config?

   {
      "defaults": [
        "8.8.8.8",
        "8.8.4.4"
      ],
      "forwards": [],
      "hosts": [
        {
          "host": "myurl.duckdns.org",
          "ip": "192.168.2.21"
        }
      ]
    }

I also set the config of my router to use 192.168.2.21 as my primary dns server, is that the right way to go about it?

Error:

requests.exceptions.ConnectionError: HTTPSConnectionPool(host=‘myqexternal.myqdevice.com’, port=443): Max retries exceeded with url: /api/v4/UserDeviceDetails/Get (Caused by NewConnectionError(’<urllib3.connection.VerifiedHTTPSConnection object at 0x6ecf04d0>: Failed to establish a new connection: [Errno -3] Try again’,))

Solved!

Turns out the optional step of setting up the system-connections/resin-sample is not so optional.


https://docs.resin.io/deployment/network/2.x/#setting-a-static-ip

can you give me some tutorial how solve this problem…

i have the same problem, i only want to use myurl.duckdns.org from anywhere but HA wont let me save the change on dnsmasq address=/myurl.duckdns.org/192.168.2.21

I know this is an old topic but I’m having difficulties finding reference to this exact problem anywhere else. I can setup dnsmasq to work with duckdns and access it outside/inside LAN without issue, but dnsmasq seems to be blocking some of the devices own services (MET weather is the one I’m noticing immediately) and I am unsure of how to resolve this. I’ve configured static IP for the raspberry pi from my router (edgeOS) instead of setting it up via the built in connection manager, your post has me wondering if that’s the issue?

1 Like

What I do is I let my family do it with the external url and on the lovelace UI i put a button to press if you are home that takes you to ip:8123. I know this isn’t what you are asking but it is an option. I like your concept though.