I have done the setup of this but it does not work, which was sort of expected. I am not using DuckDNS as I already have my device setup for external access. It is connecting with a Let’s Encrypt certificate etc.
i.e. you can goto to server.domain.com and access HA forced to HTTPS if required.
I DO have MFA configured through HA so for external connections you would normally have to do this. I was assuming though that the long-lived token was being used instead of MFA for this type of connection?
The connection to my HA device comes through an HA proxy. Is it this that is causing me the problem? The proxy sits on the external device and converts the incoming server.domain.com requestion through to 10.0.0.123:8123. The external connection does not specify the port.