I’ve tried setting up the Duck DNS add-on and can’t get it to work for the life of me. I feel like the issue might be related to my public IP address that i provided when setting up a DuckDNS url. The public IP address i get when looking it up online and the WAN IP address visible when log into my router are different. If i use the public IP address, nothing works at all and Hass io doesn’t even load. When i use the IP address from the router gateway, the DuckDNS url will temporarily bring up my hass io front page for a few minutes and then it stops working when the IP address automatically resets itself to the public IP address. I can’t ever access hass io when not connected to my home network even during those few minutes during which the router gateway IP address works with DuckDNS. Anyone had this happen to them before or know how to fix this? TIA
What does this mean?
Are you using a VPN or Proxy?
I do have a VPN but it wasn’t turned on when i was setting up the remote access and i’m not using a proxy as far as i’m aware. i have two possible IP addresses that i can input on the DuckDNS setup page. There’s the public IP address and then the one in my router login page. If i input the public IP address, hass.io doesn’t even load. However if i input the IP address from my router login page, remote access doesn’t work but the DuckDNS url will bring me to my hass.io for a few minutes until it stops working. Then when i check the DuckDNS setup page, i can see the IP address has somehow changed to the public IP again
Unless you are running multiple networks or have some crazy redundancy solution in place, a residential data connection will only have a single IP public address.
If I were you, I would see if DuckDNS can run either from my router, or choose a different DDNS solution and see if that works for you (No-IP is supported by HA).
Disable DuckDNS on HA, and manually place the public IP address you have found from your router. Clearly your internal network is picking up a different address from somewhere!
It’s SUPPOSED to be the public IP. That’s the whole point of the dynamic DNS…
I’ve been doing some research and it seems my ISP (myrepublic) may be using CG-NAT, which would possibly explain why my public IP address when checking online is different from the one on my router. Does this mean i cannot gain external access to my hass.io without switching to a different plan?
I’ll give NO-IP a go when i get home today. I was previously using the instructions from the following link:
Will this method also work with NO-IP?
Thanks again for all your help, it’s much appreciated.
Does your router’s “public IP” start with any of the following?
192.168.x.x
172.16.x.x
10.x.x.x
Hi there flamingm0e! I have the same problem! Aaand, I’ve seen you know things. I am new into this.
So, my WAN IP address from my router admin page is from this range 10.x.x.x., as shown:
And also is different from the public IP address that I get on website such a whatismyip.com etc.
Internet says for that case that I have no routable address because of my ISP, which is possible because I live in student dormitory.
I found out that in this article: http://usatcorp.com/faqs/can-determine-publicly-routable-ip-address/
I use hassbian and I have followed also
but of course no success. Everything the same as described in this topic.
Are there some other solutions which I can do to get encrypted address and setup remote access so I can use iPhone application?
I read something of using weaved (remot3) in some other topic, I tried to use that but without success…
This might help you :
I don’t see that port 80… which is also in my router
And when I tired to forward 80 to 80 I was refused…
I am struggling with this already 2 days and nights with a just a few hours of sleep… Help before I go crazy 
If your ‘public/WAN’ IP on your router is in a private range, and you do not have control of the router above it, you cannot forward any ports.
The best you could do is purchase a VPS in the cloud (digital ocean, linode, etc), and either do SSH tunneling, or a VPN (no I am not talking about using PIA or some service, I am referring to a VPN server YOU run)
Thank you very much! At least I know I can stop trying this way with duckdns and let’s encrypt. 
Please can you give me some guide how can I do this (links…) ?
At the moment I have almost zero knowledge about VPN servers so where should I start learning in order to do that? And that would be also free way of solving this problem (no purchase needed anywhere…) ?
For just Home Assistant, I would think SSH tunneling would be a better fit.
I learned by setting up an OpenVPN server many moons ago. I don’t know what is best place for knowledge on that, as it’s something I just have in my arsenal already.
you would still have to purchase the VPS (Virtual Private Server), which is just a linux box you manage that has a public static IP address on it. They are typically around $5 a month for something with plenty of power to do what you want.
That’s enough for now! Thank you very much for your help flamingm0e !
EDIT: What do you think about TOR as a solution for my problem, @flamingm0e ?
I honestly don’t use TOR and don’t know how well it would work for your situation. Give it a try and let us know?
Sure. I’ll write is I succeed 
Your ISP might provide a real public routable IP address for a monthly fee (around $10)
Thanks, I found that, but looking for a free solution if possible. 
I don’t think school dorms would do that. 
Seems like TOR is good solution, but for now only for Android users. One should be able to add custom torrc entry to the “Torrc Custom Config”, but on iOS client such as Onion Browser that is still not possible. Onion Browser is still in beta version and we have to wait until “Torrc Custom Config” is being implemented into settings menu on Onion Browser as it is currently for Androids Orbot:Proxy with Tor application.