Every few days, I get my own external IP banned. I have seen some similar complaints (example), but none quite my same case.
The IP that gets banned is always my external IP. This blocks me from using the DuckDNS URL and need to use the internal Raspberry IP, use configurator to remove the IP Ban entry and fixed. However, it’s annoying.
I do not have an iPhone. I only use web on my Mac and Android phone. The Android phone is usually open in the Lovelace home view.
My system details:
System: HassOS 2.12
Deployment: production
Version: 0.97.2
Installed on Raspberry Pi 3
I have ip ban enabled:
ip_ban_enabled: true
login_attempts_threshold: 3
and my Auth provider is homeassistant:
auth_providers:
- type: homeassistant
I have DuckDNS Add-On installed, which I understand is why it’s my external IP and not my internal IP that gets banned.
I do not want to disable either protection system, I just want to understand why my own IP gets banned without any manual intervention. Note that I’ve also checked the time at which I got banned, and there were no other devices connected to my internet. So it’s not like someone accessed my local network and sent requests on my behalf.
Thanks for the suggestion. I have followed your steps now. I will report if the IP ban happens again.
That being said, I am not sure if the “CGNAT used by cellular carriers” is the root cause. Last time this happened, I had my Android phone connected to DuckDNS URL and I was surfing on my Macbook using the local Raspberry Pi IP. The IP that was banned that time was not my external IP, but my local IP. Somehow, I forgot to double check whose device IP it was, but I understand it was my Macbook’s as I couldn’t keep surfing.
I am a bit clueless on what is the source of this and it’s hard to reproduce consistently. It just happens, and appears to be random, so it is hard to predict too
I have also been seeing random login failed messages. It seems to be when I am away from the home assistant tab and I come back to it. (Browser is Brave Browser) Quite a few times, I see the failed login notification with the notification time indicating pretty close to when I switched back to the HA tab.
I am logged in from work and its my work IP that threw it this time so its definitely this specific session. I see similar issues when I leave the tab up in brave browser indefinitely on my main PC at home. It even went as far as to IP ban my desktop at home from the amount of times it failed logins.