Lost access to HA from outside my network

danibercero · January 25, 2023, 8:49am

Hi!

From one day to the next I lost my connection to Home Assistant from outside my local network and I don’t know what happened, I’ll tell you what I have and the tests carried out to see if someone else comes up with something else…

I have my Home Assistant running in docker, on a server with OpenMediaVault.
For access from outside my network via https I use the Nginx Proxy Manager (docker) and Duckdns

I recently moved house, with a different network and router, but I had managed to get everything working without problems (outside access included) until yesterday.

In the HA configuration.yaml I have included all docker networks in trusted_proxies

http:
   use_x_forwarded_for: true
   trusted_proxies:
     - docker nets...
     - 172...
     - Server IP...

(As I was telling you, everything worked fine for me with this configuration)

Remotely I can connect via VPN, so the failure with Duckdns and the router has been ruled out.
I have tried to disable Nginx and perform port forwarding on the router to port 8123 with http and with https, changing the HA configuration and managing the LetsEncript certificates in another way. So I consider that I rule out any problem with the router and the port forwarding.
I have tried to update the LetsEncript certificates and generate new ones with Nginx, it generates them well, so I consider that it works well (and can access ports 80 and 443)
From the server’s command line I ping the network without problems and abroad, so I consider that the network is well configured.

In the HA logs I don’t see any errors or any access attempts.
I don’t see any errors in the Nginx logs either (neither in the docker logs nor in the nginx folder accessing by commands)

Of course I have restarted the server and HA multiple times

In Nginx I have Wbsocket Support, Force SSL and HTTP/2 Support enabled. (Right now I don’t have screenshots to attach )

When trying to access https://xxxxx.duckdns.org, the HA logo appears and stays at “Loading data”.

I don’t know the exact moment this problem started (with teleworking and the cold I didn’t leave the house on Monday) the only change on my server may have been a docker update…

I am completely lost and I don’t know what else to try, I have searched the forums and I have not found anything that helps me.

I would like to continue using Nginx Proxy Manager (or similar) as it makes internal network configuration much easier and works better than if I access my HA via https on the local network…

Please help! and… Thanks in advance!!

avd706 · January 25, 2023, 11:55am

Reload nginx , check your modem to make sure your ports are forwarding.

SJ20035 · January 25, 2023, 12:32pm

Is there anything in the Nginx Proxy Manager error logs? (you need to check the logs folder in the container).

danibercero · January 25, 2023, 1:10pm

Yes, I have restarted the nginx, the router and the server multiple times.

I have reviewed the nginx proxy manager logs (in the container folder) and I see nothing, neither accesses nor errors.

SJ20035 · January 25, 2023, 1:20pm

Did you check both the default logs and the logs for the specific proxy instance?

If you don’t see accesses then are you sure you are port forwarding to the Nginx Proxy Manager IP?

Also, are you using a hostname (http://has.local:8123) as the destination or an IP (http://192.168.1.26:8123) - if the former, try using the IP.

danibercero · January 25, 2023, 1:54pm

I have checked all the .log files in the logs folder of the container. I see entries in the fallback_access log, but not in the proxy-host access or error logs.

I’m not sure about anything :-(, but I think the port forwarding is working as I can connect via VPN and I tried stopping nginx and accessing via port 443 directly to HA (redirecting to 8123 on the router and with the https configuration in HA) How can I check that I am forwarding ports to the nginx proxy manager?

For the destination in nginx I use the IP of the HA server.

SJ20035 · January 25, 2023, 2:07pm

The port forwarding would be set in the router and hence how you would do it depends on the router model.

Accessing the server via VPN only suggests you are connecting to your router and not doing any port forwarding. Basically all traffic from your device is router through the VPN and hence appears as though you are locally connected.

danibercero · January 25, 2023, 2:15pm

Yes I know, to connect to the VPN I am doing port forwarding from port 11XX to 3000 of my OpenVPN located on the same server as the Nginx proxy manager.

Also, as I mentioned, I did tests doing port forwarding from port 443 to 8123 to connect to my HA over https without nginx.

I don’t know what else to do to check port forwarding…

danibercero · January 26, 2023, 10:01am

I have finally solved the problem with a work around.
I still don’t know why it stopped working from one day to the next, the problem is my internet provider’s router.

Port forwarding works well on any port except the ones Nginx needs by default (443->433; 80->80).
It was driving me crazy because if I bypassed Nginx by forwarding ports directly to my apps everything worked (443->8123 or 80->8123, etc.), but not using Nginx.

Finally I have changed the port forwarding in the router to 443->444 and 80->82 and changing the corresponding ports in which the Nginx docker listens and everything works again!

Thanks for your cooperation! How I hate routers from internet providers! LOL