Hi all,
i already find many information about this topic but none of them worked so far.
Here’s my setup:
I did a remote SSH tunnel with autossh on Hassio (RPI).
packages:
- autossh
init_commands:
- >-
autossh -N -M 18123 -o StrictHostKeyChecking=no -o
UserKnownHostsFile=/dev/null -o "PubkeyAuthentication=yes" -o
"PasswordAuthentication=no" -i /config/syno -R 6789:localhost:8123
MYUSERNAME@SYNOLOGY_URL.ch -p 2208 &
I also did the following on configuration.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
- 192.168.1.140 (internal IP of the Synology)
Then on the Synology i setup the reverse proxy
And i created the custom header with websocket and added as well X-Forwarder-For
I setup the reverse proxy on HTTPS & HTTP (port 8080) but each time i get 400 bad request.
If i do a curl on localhost in the Synology on the remote port (6789) i get the page from HA.
So i imagine the problem to be in the Synology reverse proxy but i don’t know what to do else 
Edit:
I did a tcpdump on Hassio:
sudo tcpdump -i any port 8123 or port 6789
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
13:04:02.369574 lo In IP6 localhost.48802 > localhost.8123: Flags [S], seq 236201766, win 65476, options [mss 65476,sackOK,TS val 2971113484 ecr 0,nop,wscale 7], length 0
13:04:02.369705 lo In IP6 localhost.8123 > localhost.48802: Flags [S.], seq 1803098247, ack 236201767, win 65464, options [mss 65476,sackOK,TS val 2971113484 ecr 2971113484,nop,wscale 7], length 0
13:04:02.369827 lo In IP6 localhost.48802 > localhost.8123: Flags [.], ack 1, win 512, options [nop,nop,TS val 2971113484 ecr 2971113484], length 0
13:04:02.372153 lo In IP6 localhost.48802 > localhost.8123: Flags [P.], seq 1:438, ack 1, win 512, options [nop,nop,TS val 2971113486 ecr 2971113484], length 437
13:04:02.372250 lo In IP6 localhost.8123 > localhost.48802: Flags [.], ack 438, win 509, options [nop,nop,TS val 2971113486 ecr 2971113486], length 0
13:04:02.381158 lo In IP6 localhost.8123 > localhost.48802: Flags [P.], seq 1:167, ack 438, win 512, options [nop,nop,TS val 2971113495 ecr 2971113486], length 166
13:04:02.381279 lo In IP6 localhost.48802 > localhost.8123: Flags [.], ack 167, win 511, options [nop,nop,TS val 2971113495 ecr 2971113495], length 0
13:04:02.383181 lo In IP6 localhost.8123 > localhost.48802: Flags [P.], seq 167:183, ack 438, win 512, options [nop,nop,TS val 2971113497 ecr 2971113495], length 16
13:04:02.383372 lo In IP6 localhost.48802 > localhost.8123: Flags [.], ack 183, win 511, options [nop,nop,TS val 2971113497 ecr 2971113497], length 0
13:04:02.385677 lo In IP6 localhost.48802 > localhost.8123: Flags [F.], seq 438, ack 183, win 512, options [nop,nop,TS val 2971113500 ecr 2971113497], length 0
13:04:02.388927 lo In IP6 localhost.8123 > localhost.48802: Flags [F.], seq 183, ack 439, win 512, options [nop,nop,TS val 2971113503 ecr 2971113500], length 0
13:04:02.389038 lo In IP6 localhost.48802 > localhost.8123: Flags [.], ack 184, win 512, options [nop,nop,TS val 2971113503 ecr 2971113503], length 0
As you can see that the requests come with IPv6
Thank you for you support
P.S. I want to do it this way because the RPI hosting HA will be behind a router with a SIM card. So I won’t be able to reach it through DDNS