I have my HA set up with a DuckDNS domain with a LetsEncrypt cert. My router doesn’t support NAT loopback so I have a separate Pi-Hole with Dnsmasq running. My problem is that sometimes (not all the time), I can’t connect to HA locally using the domain name. I can connect to HA using 192.168.1.xxx:8123 locally, or https://xxx.duckdns.org remotely, but when I try to connect using https://xxx.duckdns.org:8123 locally (or remotely), a screen pops up and says unable to connect to Home Assistant (screenshot below). I know dnsmasq is running as I have other domains that route properly. Has anyone seen issues similar to this?
Screenshots:
Config:
Thanks for the response, unfortunately that didn’t solve the issue. I set up nginx, but now my local traffic is through http instead of https, and I still can’t access it locally using my domain (same screenshot).
If you are using PiHole, you should add xxx.duckdns.org to your local hosts file. Follow the directions here: https://discourse.pi-hole.net/t/howto-using-pi-hole-as-lan-dns-server/533
Right now you can have two problems:
- Your browser gets the EXTERNAL IP address for xxx.duckdns.org, so it tries to connect to the external IP and the server returns back to your internal address with its internal address, which is not expected by your machine, so it fails
- When you try to access with the internal IP address (instead of the xxx.duckdns.org name) the certificate does not belong to the IP, but to the name, so you will get a security error. Depending on the browser this will fail again.
You have to configure your internal DNS server so that it returns the internal IP address of your HA server when you ask for xxx.duckdns.org. That way the connection will work from inside and outside. That’s the way I have it at home, with a RPI with PiHole as DNS server, both for the internal LAN and to connect to Internet.
Regards.
Ps. Maybe this is a little complicated to explain, but the solution is just get your DNS to return the internal address when asked from the LAN. That’s all