Remote access and port forwarding

{
  "defaults": ["8.8.8.8", "8.8.4.4"], *<-- Ask google dns if it cant resolve locally change to whatever you want*
  "forwards": [
    {"domain": "", "server": ""} *<-- if you have a local domain that you want to use*
  ],
  "hosts": [
    {"host": "xxx.duckdns.org", "ip": "<IP of your hass.io>"}
  ]
}

it is not working, i do not know what is going wrrong;
i am using duckdns and dnsmasq, add ons activated configuration well done as suggested but when i try to reach

"https://mydomain.duckdns.org:8123" impossible.

Make sure your router’s firmware is up to date. I found this serach result text, unfortunately neither the web page nor the cached page is available. Just the search result preview text:

The netis DL4323D is a 3-in-1 device that combines the functions of high … a later firmware update of v4 removed NAT loopback ) NAT Loopback returned as …

If only there was one more word in that result! What did nat loopback return as?

hello,

without touching to the router i am trying to configure hassio through dnsmasq and duckdns,
i am really blocked.

Hi

I haven’t been paying attention, so sorry for that.
please on your pc which you have changed dns to use the dnsmasq on your HA, type nslookup yourname.duckdns.org and tell us if it resolves to your local ip or your public ip.

My http: looks like this… dunno if it matters?

image


this is not my public ip or even my local ip :roll_eyes::pensive:

hello,

now when i ping on my xxx.duckdns.org i get my WAN ip, but still have no access to my xxx.duckdns.org on browser or application ( lan and wlan network the same problem).

On the picture you are using google dns which should resolve to your external ip. You need to test using your hass.io as the dns

As a slight aside. If you don’t like forwarding direct port access into your network and the risks there in, there are different VPN style approaches.

I use ConnectBot on my Android. It’s an SSH client. My SSH is locked to require the correct private 4096 bit key. It does not accept password logins.

ConnectBot then sets up an SSH port tunnel (port forward) for whatever service I want to access. I have two:

localhost:8080 -> 10.0.0.3:80 (Raspberry PI Cacti)
localhost:8123 -> 10.0.0.199:8123 (HA)

All communications are encrypted over the SSH channel. My phone then “pretends” to be those services and I connect to it.

If you wanted wider access, that would work if you set it to listen on * or 0.0.0.0 instead of localhost and then your phone’s LAN IP would provide access.

It’s just an idea. I personally don’t like open ports inbound if I can avoid it. If you want to know why… check your access logs :wink:

hello stockler,

even with HA dns, i have a weird ip adress,

hi paulcam,

i am on ios devices so do you have any alternatives please.

I’m not an iPhone user, but you could try this:

The DNS Server @ 192.168.1.11 is saying:
“I am not the authority for that domain”

Is “domain.name” something to do with ddns or duckdns or did you forget to put a “.” at the end of DNS configuration?

Normally a DNS entry that does not end with a . is considered “relative” to the default domain or the hosts domain. If it ends with a “.” it is considered absolute.

It looks like it is trying to ask a server for info on “org.domain.name” for the host www.xxx.duckdns. I think “domain.name” is in error and possibly coming from your local machine configuration for “domain name” or your DHCP from your router.

I have solved this issue before, but I was using BIND and IPTables, so not exactly the same thing and therefore can’t be specific.

How is HASSIO DNS configured?
Where is this “domain.name” coming from?

In the /data/workdir/config entries for www.xxxx.duckdns.org add a “.” to the end of the name. Might work.

Other than that, I don’ know.

there is no evaluation version i have to buy it, so are you sure it can allow me to forward port and have remote access without touching to the router?!

I can’t be sure as I have not used that particular app. It will require you forward the ssh port only through your router. Port 23. Everything then tunnels over that.

ConnectBot was free on Android and it doesn’t even have ads. I realise that doesn’t help you though.

You might some other ideas in this.

port 23 is telnet, port 22 is ssh.

Tom I disagree, the 443 to 443 is the ONLY one I use, I have never used 8123 port forwarding anywhere. Probably because I use nginx.

This was a specific reply to Elias who is using port 8123. Nothing to do with your set up.

Yes, oops.

Try to change server name, choose DNS and 8123-8123 for wan-lan port
and in dydns put your subdomaine xxxxxx.duckdns.org with your login and your token for pass