Unable to use iOS App from external network (Internal works)


#1

I am using HA and a nginx reverse proxy in front with SSL (Let’s Encrypt). When i access HA from the internal network everything works fine. So i can login with the iOS app and with all browsers.

However, when i try to access my HA from an external network the iOS app is unable to login and my ip gets banned. If i try safari on the iPhone i can login.

2018-11-15 19:13:19 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from xxx.xxx.xxx.xxx
2018-11-15 19:13:19 WARNING (MainThread) [homeassistant.components.http.ban] Banned IP xxx.xxx.xxx.xxx for too many login attempts

iOS version: 1.1.1
HA version: 0.82.0

Is there something i need to setup? I noticed that when i access through a browser i need to provide username and password, but the app just needs a password.


#2

Try the beta app Public Beta Testing is now open!


#3

That solved my issue! Thanks for the quick help.


#4

@DavidFW1960 Tried the beta app a little bit during the day, but it looks like it sometimes failed to authenticate. When i am
Leaving my wireless i see a failure, but still works since it just fails once. After several times leaving home my iOS device is banned again.

Is someone else having issues like this?


#5

I can’t connect to my duckdns/nginx address on the app, whereas I can in a web browser.


#6

I have the same setup as you with a container running lets encrypt and nginx doing a proxy pass to my home assistant container. I installed the beta but haven’t found the right combination of settings to authenticate. I tried Advanced and set an internal URL with an internal IP but validate fails with a connection error “Could not connect to the server”
If I vpn in validate works.

Without the vpn I just get the login screen that always fails (username or api key options). Internal log is always failed from 127.17.0.7

What combination of settings do you use?


#7

I am using the external dns url and disabled the legacy authentication within the application. Also the “Use internal url” and “basic authentication” is disabled.

Are the nginx settings correct and is it reachable from outside the network? Maybe first start to check the nginx logging while trying to reach HA from outside the network. Can you see that nginx forwards your request to HA?