Login attempt or request with invalid 172.30.33.0

Kanishkaz · January 22, 2019, 10:12pm

Hi All,

I recently removed the legacy password from my config. Since then I keep getting the following error every few hours:

Login attempt or request with invalid authentication from 172.30.33.0.

Apparently 172.30.33.0 is the internal Hassio Docker IP?
How can I track down what’s causing the invalid login attempts? I’ve checked all my addons and can’t see what could still be using the legacy password.

Thanks.

gieljnssns · February 4, 2019, 2:57pm

Bump this question, I have the same problem

Kanishkaz · February 4, 2019, 10:00pm

This issue disappeared after I upgraded to 86.

eXtatic · February 18, 2019, 11:03am

I’m also experiencing this since quite some time and still do also after 86.

anasazi · February 18, 2019, 11:22am

Hi,

I was also having this error but once I added hassio: to configuration.yaml it disappeared.
Maybe it works for you too…

Kanishkaz · February 18, 2019, 9:14pm

What does adding hassio: do?

eXtatic · February 18, 2019, 9:23pm

I have hassio enabled longer than I’m experiencing these issues.

eXtatic · February 18, 2019, 9:26pm

Glivmo · July 3, 2019, 8:30am

Has anyone been able to fix the issue? I am still experiencing the exact same.

eXtatic · July 8, 2019, 1:40pm

Nope still occuring for me from time to time.
There is an issue on GitHub but doesn’t contain a solution for me.

GrahamS · August 9, 2019, 1:43am

I am having this problem too. Now updated to HA 0.97.0
Seems to be random. Occurs without any user input.
I assume it is related to the IOS App on my iPhone and maybe the HASSIO nginx add-on.
I tried trusted_networks: 172.30.33.0/24 but no luck.
Perhaps I had to remove nginx for that to work?
My nginx config is the HASSIO default, except for my duckdns domain name.

Edit:
ifconfig shows 172.30.33.3 which is my HA instance.
The invalid login comes from 172.30.33.4 which is another HA Docker container. I suspected it was my NGINX add-on.
I uninstalled the NGINX add-on and put this into configuration.yaml

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  base_url: https://redacted.duckdns.org:8123
  ip_ban_enabled: true
  login_attempts_threshold: 5

On my router I forward port 8123 to 8123 and access HA from https://redacted.duckdns.org:8123
This works on my internal network (Also using DNSMASQ) and over LTE using iPhone App.
A little annoying to have to use the 8123 port but at least I don’t get invalid login attempts from my own HA and I don’t get myself banned!

reotto · April 15, 2020, 7:41pm

This issue has seemed to reappear once I got to 108. I started seeing it with 108.3.

Kanishkaz · April 16, 2020, 12:29am

I started getting this same issue again from 108 too.

disrupted · April 23, 2020, 12:19pm

same here /subscribed

Madelinot · July 12, 2020, 9:10pm

Same issue here, although I think it is somehow related to the iOS app. I also tried different configuration for trusted_networks:, but I keep getting the error/notification.

OmerAn · October 15, 2021, 6:58am

Did you solve the problem? i am having the same problem.

GrahamS · October 16, 2021, 2:27am

Fixed for me. Using 2021.8.8 now with this in configuration.yaml

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

I have another use case with NGINX running on a second Raspberry PI. In that case, I replaced the above IP address with the IP address of the second Raspberry PI.