Remote access, duckdns and forwarding problem

Hi all.
I have home-assistant running on a Mac with a static IP, with a Netgear router CG3100D-2. I have been following the instructions here to the letter, and have reached point 5. Everything up to this point has been perfect, even after installing homebrew, adding “sudo” to some of the commands, etc. All the port forwarding rules up to this point, and the tests the article suggests, have been successful.
The trouble I have just discovered is that the article now wants this:

Service name - ha_ssl
Port Range - 443
Local IP - YOUR-HA-IP
Local Port - 8123
Protocol - Both

Trouble is, in my router setup pages, the port forwarding rules only have the following entries:

Name
Start port
End port
Protocol
local IP address

So obviously name, protocol and local IP are easy, but I can’t figure out how to enter the port range and the local port with these configuration options. I’ve tried all variations, but whenever I go to https://examplehome.duckdns.org I receive the error “cannot connect to server” or “timed out”. I can access it locally on the local IP:8123. All other instructions up to this point had the local port = port range, and I simply entered the same number as the start and end port.

Any suggestions warmly received.

John

Not sure, honestly, but as a first thought…

Can you set the local ip address to include the port number?

Eg

Name ha_ssl
Start port 443
End port 443
Protocol both
local IP address 192.168.0.200:8123

… Or if your router can only forward ports to the same port number, can you run homeassistant on port 443 using the server_port option in http as described here…?

Sadly no. No colon or other digits permitted

Man, lots of bad router interfaces out there, eh?

I wonder if “start” and “end” actually refer to incoming port and redirected target port? Maybe it should be:

Name ha_ssl 
Start port 443 
End port 8123 
Protocol both 
local IP address 192.168.0.200

This is how my Actiontec Bell Aliant router reads and I’ve not been able to get this working either.

Did you try the second suggestion I posted?

I tried that - and all other combinations. Having the port numbers the other way around returns an error from the router and won’t let it be set.
John

Hi there. Just woke up - sorry I didn’t respond until now.
So I added server_port: 443 under http: and now it’s not accessible even to the local computer via its IP address on port 443 or 8123! Terminal has a message "ERROR (main thread) Failed to create HTTP server at port 443: [errno 13] error while attempting to bind on address (0.0.0.0, 443): permission denied."
Argh!
I’ll try some more options after work.
Any other ideas?
Thanks for all your help.

Hmmm, I’ll be honest, I’m a bit stumped with this one. I presume you can’t set homeassistant to 443 because it’s a ‘reserved port’ or some such, so if you can’t set your router to forward 443 to 8123 you’re going to be a bit buggered I think.

Surely there must be a way to get the router to forward the ports properly, have you looked in the manual for advanced port forwarding? Especially if it’s a Netgear router, they’re normally pretty hot with features.

Other than that I’m at a head scratch with this one I’m afraid. I’ll keep thinking and if I get any other inspirations I’ll come back to you.

Hi.
It’s got me stumped as well. The modem was supplied by my cable provider (Telstra) so Netgear won’t help and Telstra just refer off to a premium service, who charge for advice but cannot tell me off the cuff whether there even is a solution or not.
Thanks for your help anyway.
John

The only other solution I can think of is putting the computer in the DMZ, but that sounds like I’m exposing the whole computer to attacks, which I want to avoid, obviously. Would it be a solution to buy a Raspberry Pi and put that in the DMZ?

(I’m talking the router DMZ, not the Korean peninsula)

John

Anyone here familiar with IP Tables as a solution to this problem?

This is the error when I close down HA and restart it afresh:

ERROR (MainThread) [homeassistant.components.http] Failed to create HTTP server at port 443: [Errno 13] error while attempting to bind on address ('0.0.0.0', 443): permission denied

Any ideas why it may be attempting to bind at 0.0.0.0? The configuration is

http:
  api_password: #######
  ssl_certificate: /private/etc/letsencrypt/live/home-access.duckdns.org/fullchain.pem
  ssl_key: /private/etc/letsencrypt/live/home-access.duckdns.org/privkey.pem
  base_url: home-access.duckdns.org
  server_port: 443

Thanks again for any thoughts or ideas.
John
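
The Errno 13 in the log above comes from the port number rather than the address: 0.0.0.0 is the IPv4 wildcard (listen on every local interface), and on systems that reserve ports below 1024 for root an unprivileged process cannot bind 443. The Python sketch below is an added example, not part of the original posts or of Home Assistant; `try_bind` and `reachable` are hypothetical helper names, and it reports which error a given port produces on the machine it runs on.

```python
import errno
import socket


def try_bind(host, port):
    """Try to listen on (host, port). Returns (outcome, socket or None).

    outcome is "ok" or the errno name, e.g. "EACCES" (Errno 13, the
    "permission denied" in the log above) or "EADDRINUSE".
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        srv.bind((host, port))
        srv.listen(1)
        return "ok", srv
    except OSError as exc:
        srv.close()
        return errno.errorcode.get(exc.errno, str(exc.errno)), None


def reachable(host, port, timeout=2.0):
    """True if a TCP connection to (host, port) is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # 0.0.0.0 is the address being bound, not the cause of the failure;
    # compare the privileged port (443) with the default one (8123).
    for port in (443, 8123):
        outcome, srv = try_bind("0.0.0.0", port)
        print(f"bind 0.0.0.0:{port} -> {outcome}")
        if srv is not None:
            # A wildcard listener answers on loopback as well as the LAN IP.
            print("  reachable via 127.0.0.1:", reachable("127.0.0.1", port))
            srv.close()
```

Run it as the same user that starts Home Assistant, with Home Assistant stopped; if Home Assistant is still running on 8123 that port reports EADDRINUSE instead of ok.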

Ok so I may be talking to myself here but if I set up a different router on my network as the DNS server, and port forwarded with that one instead of the current cable/modem, would that work just the same?
Thanks.

Ha, it’s the first sign… :stuck_out_tongue_winking_eye:

I’m not sure exactly what you’re looking at doing, but I once had a service that sent me their own modem/router and the router bit was total shite, so I switched off the WiFi on it and connected another router (that didn’t have an integral modem) to it. Then the new router worked fine, just saw the old router as the Internet.

If that’s what you’re asking, yes, that would work.

I’m not sure about the DMZ option, I’d have to instantiate some Google-fu same as you. I definitely wouldn’t set it up in Korea, unless it’s well shielded.

I’m not sure about the 0.0.0.0 thing either tbh. I don’t really understand the way that a service binds to a port, just what you can do when (or in this case, if) it does.

I think you missed a joke here… LOL.

Wikipedia on networking DMZ:

In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted network, usually a larger network such as the Internet.

DMZ is also a reference to an area between country borders:

The Demilitarized Zone (DMZ) is a region on the Korean peninsula that demarcates North Korea from South Korea. Roughly following the 38th parallel, the 150-mile-long DMZ incorporates territory on both sides of the cease-fire line as it existed at the end of the Korean War (1950–53).

Hey @jcbigears, what is the exact make and model of your Telstra router? I can’t believe we can’t find proper instructions with Google. I just searched on port forwarding Telstra router and got a number of hits, but would need to know your router make/model.

I didn’t miss the joke, I was adding to it (hence the shielded comment) :smile:

So I missed the joke then! :flushed:

Go back to your original setup where you had it working on :8123.
Then instead of setting up 443 to 8123 forwarding, use 8123 as the start and end values, then connect using the Dynamic DNS URL you set up and specify the port at the end: jbcigears.duckdns.org:8123.

The only reason the article has you forward 443 to 8123 is so you don’t have to put :8123 at the end of the URL when you are trying to access it from your phone remotely.