TrustedProxies doesn't use correct subnet masking

Hey all…
I’m using Clouflare to passthrough traffic to my domain and to my HomeAssistant subdomain.

I’ve configured HomeAssistant HTTP part this way:

    ip_ban_enabled: true
    login_attempts_threshold: 5
    use_x_forwarded_for: true
      - !secret traefik_ip
      - !secret router_ip
   # Cloudflare Servers:

Yet - when accessing HomeAssistant (through Cloudflare) I see this:

Refresh token for
Created at April 15, 2020, 11:32 AM
Last used at September 14, 2020, 12:55 PM from 172.68.xx.xx

As far as I understand - subnet should cover my case (172.68.xx.xx)

I also have a docker container for whoami where I’m seeing this:

X-Forwarded-For: 31.154.xx.xx, 172.68.xx.xx
X-Real-Ip: 172.68.xx.xx

So the X-Forwarded-For does forward the right data, but for some reason HomeAssistant doesn’t work with it.

How to troubleshoot this? Do I have some wrong configuration?


Just a quick remark…
Any IP6 configured?
I also experienced issue with HA connections after I changed provider, turned out it wasn’t working due to IP6 used by new provider :confused:
Once I disabled IP6 in my router, things started working again :slight_smile:

Have you tried to use Cloudflare IP6 too in HA configuration? Can you even do that?

– Update –
@aceindy - tried your solution, unfortunatelly without any luck…

Too bad, worth a try though :wink:

Looks as if this was fixed in 0.115

1 Like

Seems it did, I no longer have issues with it :wink: