Thanks for the reply! I will take a look at the video. I have been trying lost os things because the strangest thing is that everything happened overnight. I have been running HA for years without this problem and didn’t change anything recently. I don’t know if ISP can change that without notification.
Yesterday, all of a sudden i also have this issue.
i haven’t done anything with my configuration in weeks and it has worked, but last night i couldnt access home assistant.
https://xxxxxx.duckdns.org:8123 does not work
connecting thru iPad or/and iPhone app does not work
it doesn’t matter if i am on my wifi or on external network, connection does not work.
connecting thru https://192.x.x.x:8123 does not work either…
connecting thru https://homeassistant.local:8123/ works
From what i can see when i manage to connect thru https://homeassistant.local:8123/ is that the https:// is in strikethru in chrome, do not know if that is something relevant tho.
Have anyone of you managed to solve this? as i said above, this just happened, all of a sudden.
hit this same issue today. SSL working for months. After a hard reboot of the Pi i couldnt get the Hass gui, but services were running (Samba, dhcp).
https://xxxx.duckdns.org —no result
https//192.xxxx:8123 — no result
Outside access is broken also.
only url loading is with https://homeassistant.local:8123 . I get the cert error but thats ok, i get a login screen and can get in. I reloaded nginx and duck addins, nothing weird in the logs.
I got the same thing after the last update, I can access locally but not through duckdns.
Tried everything but it doesn’t want to work. It killed my alexa as well.
In the log of NGINX:
2021/07/10 12:14:40 [error] 219#219: *27 upstream prematurely closed connection while reading response header from upstream,
I’m having this same issue. Nothing changed, but now external access from *.duckdns.org gives me “can’t connect to home assistant”. Local IP address does work. Nothing in the logs. Curious if anyone has figured out what’s going on
Have you updated your installation to 2021.7.x?
Yeah, I just did. It wasn’t working, so I updated to 2021.7.4 and still not working.
Have you read the breaking changes for using a reverse proxy?
If you are using a reverse proxy, please make sure you have configured
use_x_forwarded_forandtrusted_proxiesin your HTTP integration configuration.
I saw it but didn’t read it. But I guess this must be it. I don’t think of myself as using a reverse proxy? But maybe I’m wrong?
Any suggestions for what IP addresses and subnets I’m whitelisting? Do I now need to keep a whitelist of any IP my phone has??? I feel like I’m missing something here…
“This is required when using use_x_forwarded_for because all requests to Home Assistant, regardless of source, will arrive from the reverse proxy IP address. Therefore in a reverse proxy scenario, this option should be set with extreme care. If the immediate upstream proxy is not in the list, the request will be rejected. If any other intermediate proxy is not in the list, the first untrusted proxy will be considered the client.”
Most modem/routers the internet company will give you don’t allow you to turn on NAT loopback. This allows your internal devices to connect to an external URL that directs back to your LAN. If you don’t have it, you will only be able to connect to your Home Assistant with your internal instance’s IP, homeassistant.local, or by connecting to the external URL from outside the network.
An easy way to test if this is your issue is by disabling WiFi on your phone and then trying to connect via your external IP. If it works this is your issue.
Also remember to have an NGINX proxy manager that supports websockets, because Home Assistant uses a websocket based API. If you don’t have support for this then you’ll be able to see the login screen, but the login will hang endlessly giving you the “Unable to connect to Home Assistant.” error.
If you don’t have NAT loopback you can configure your own DHCP server and edit its hosts file to achieve a hacked up version of NAT loopback.
If this comment helped you out please leave a like. I spent days figuring out how all this worked. I usually never post solutions, but here y’all go. This was particularly frustrating so I felt I had to post it.
1 Like
Hi @MAurOsX , I have the same problems like mentioned by others.
When on local network I have only access to HA via IP address or homeassistant.local:8123 with no secure warning in google chrome. So test.duckdns link is not working (or very very slow).
When on outside network I can access my HA via test.duckdns and is very responsive as it should be.
So problem: when on local network the test.duckdns is not working.
I have the router Deco M9 (from TP-link)which it seems doesn’t support NAT loopback unfortunately.
So I installed NGINX as you described and the proxy host mentions it is online. the addon duckdns is also still running and I have changed the config accept_terms: false. Next In my router I forwarded port intern 8123 to extern 8123. Port intern 433 to extern 433. Port intern 80 to extern 80.
In the end this does not work. I’m a bit overwhelmed and do not fully understand what could be wrong our how to debug and test this. Am I overlooking something? Would anyone be so kind to help me along the way?
I am no expert but I am sure someone more knowledgeable will.be along in a moment. First no need to.open port 80, and not sure it’s a good idea. Next you are using https:// for the address.
Hi Phil,
could you please explain your configuration better? Are you using HA on your PC or mobile device? if on mobile, by home assistant’s app or directly from chrome / Safari?
…out of curiosity, why don’t you connect locally…locally (homeassistant.local:8123) but want to go through the proxy?
If you cannot do loopback, hairpin, etc. on your router then you will never be able to acccess mysite.duckdns.org OR at least I have never found a way.
Basically here is what that feature does. If you have it then you put an entry in your DNS for your router that says when I go to mysite.duckdns.org then forward to homeassistant.local:8123.
If you do not have that then it leaves your network, hits an external DNS which says send it back to the same IP address and it gets all confused, and pukes (that is the technical term).
If you can’t do this then access internally via homeassistant.local:8123 OR your local IP:8123 and externally mysite.duckdns.org. In fact the mobile app has an internal and external URL for this specific reason.
Hi all, Thanks for the responses. I fixed it eventually after searching for answers for weeks.
For those also have the same problem, here is what I did. Hopefully this helps others as well.
So I own the TP-link DECO m9. These routers don’t support loopback or hairpin. So the solution is to have your own DNS server running on home assistant. Watch this video from 12:32 where it explains and debug DNSmasq add-on. Home Assistant Remote Access for FREE - DuckDNS + LetsEncrypt + Single URL - YouTube
To learn all the ins and outs watch the complete video and have all the port forwarding in the router correct as well as the DNS in the router and the DNS settings from the DNS add-on on HA
1 Like