Home Assistant Secure Remote Access For Free (Tutorial)

แชร์
ฝัง

ความคิดเห็น • 260

  • @ebola1974
    @ebola1974 8 หลายเดือนก่อน +2

    Thank you! I was about to pay £7 a month to do this then saw your video and its a nice short video so I knew it would be good. Remote access is now working!

  • @htvekov
    @htvekov ปีที่แล้ว +7

    This video was exactly what I've been looking for. Precise and detailed. Especially glad for the ESPHome part. I would never have figured that out myself 🙂Got it up and running without issues at all. Thank you !!

  • @fareed_6030
    @fareed_6030 ปีที่แล้ว +4

    Thank you so much. I was tearing my hair out trying to figure out what settings I was doing wrong, and no other tutorial I had seen had 2 steps which you had which made everything work. Thank you!

  • @StannyBoiii
    @StannyBoiii ปีที่แล้ว +2

    Legend after trying lots of other tutorials non worked properly.
    This however worked straight away!
    Thanks so much!!

  • @zag164
    @zag164 ปีที่แล้ว +4

    Thanks so much for the excellent tutorial. As 8126 is the default SSL port for HA, I mapped it to a different port number externally to make it harder for bad actors to guess. I also enabled 2-factor authentication as an additional security measure.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      8126 was a slightly random port I chose for this demo, but you’re right to pick your own. And yes 2FA should definitely be enabled, been using the TOTP generator in Bitwarden myself, working really nicely

  • @kn4yba80
    @kn4yba80 ปีที่แล้ว +6

    This video was exactly what I needed in setting up the remote access. Thank you for taking the time in developing it.

  • @GiovaDuarte
    @GiovaDuarte 5 หลายเดือนก่อน

    I tried many.. many options and I always had issues trying to make it work and your video was it! Thanks for the quick video that resolved my issues.

  • @grant_HH
    @grant_HH ปีที่แล้ว

    Thanks for this.
    I had theis set up and working on home assistnat on my PI, backup and restore into a VM over a year ago with no issues.
    SSD went form 50% wear to dead in less than a month, so hadn't done a proper backup since migrating from the PI. A clean start with a year and a bits experience of tinkering with HA is probably a good thing, but I forgot how much of an absolute ball ache trying to set up Duck DNS & Nginx can be when your just trying to follow along with the documentation.
    Easy when you know how :D

  • @malcolmwarden3052
    @malcolmwarden3052 7 หลายเดือนก่อน

    I can't thank you enough for this video.
    Well paced presentation that assumed no previous knowledge and gave everything to make it work.
    I'm now off to view your other video and get more devices connected and more functionality.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  7 หลายเดือนก่อน

      I'm glad you found it useful, I hope you enjoy the other videos

  • @cranruiz
    @cranruiz ปีที่แล้ว

    friend you are a crack! OF all the videos I watched, this was the simplest and most effective, I had been trying to do it for a long time but thanks to you I was able to do it. My admiration and gratitude to you champ

  • @EyadMojahed
    @EyadMojahed ปีที่แล้ว +1

    thanks for the straight forward tutorial, i followed the steps and it works perfectly

  • @oleth5799
    @oleth5799 9 หลายเดือนก่อน

    Very clear and understandable instructions. I have been scared to dig into this but now i feel safe to start. Thank You!

  • @ajl182
    @ajl182 ปีที่แล้ว +3

    Great instruction only problem I had was duckdns wouldn't allow me to put in my domain in the ui but it was fine in YAML.

    • @garrybowden
      @garrybowden ปีที่แล้ว

      Yes, I'm getting the same issue. I'll try the YAML.

  • @anonimo_surfeador
    @anonimo_surfeador ปีที่แล้ว +3

    A lot of people warn against port forwarding based on the assumption that you can be hacked by opening up the port to the Internet. Should we be concerned about being hacked if we follow this process?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +3

      There is a risk of course, but you can minimise it by keeping Home Assistant up to date and enabling two-factor authentication for your user account. Connecting anything to the internet comes with a risk, but I don't think opening up the port for remote access is any less secure than making it accessible via any other method.

  • @ThaGuus
    @ThaGuus 2 ปีที่แล้ว +1

    I would recommend people to look into cloudflared as well since it doesn't require you to port forward or setup a nginx server.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Nothing really wrong with the Cloudflare approach especially for those who aren't given a public IP address by their ISP. However, my approach minimises the number of third party services you are relying on to just DuckDNS and LetsEncrypt, and lets you keep control of your server's security.

  • @enerbot283
    @enerbot283 2 ปีที่แล้ว +1

    At last someone explaining this in a clear manner and to the point (unlike pedantic elitist HA channels such as "everything smart home")

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว +1

      Haha thank you, I'm trying to take a slightly different approach although I thought Lewis' videos were pretty good - he's done one on a alternative way to get remote access using Cloudflare which is great if you aren't able to forward ports through your router, or don't have a valid public IP on your broadband WAN interface.

  • @peterliakopoulos7149
    @peterliakopoulos7149 วันที่ผ่านมา

    I'm completely new to all of this and so I followed your instruction to the letter. Got to the bit in Developer Tools to check configuration and I get the following error:
    Error loading /config/configuration.yaml: mapping values are not allowed here
    in "/config/configuration.yaml", line 14, column 20
    My line 14 reads: trusted_proxies:
    Please help!. TIA

  • @TonyWheeler60
    @TonyWheeler60 ปีที่แล้ว +1

    JUST FYI and in case it helps others.... After changing ISP I ran immediately into an issue with this configuration - or so I thought. In fact the problem seems to be be that Octaplus UK use Carrier Grade NAT (CGNAT - something I know very little of). This effectively means a normal port forwarding configuration cannot work (and it was indeed failed after changing ISPs). After my complaints about them not publishing such a fact up front they provided a static public IP address and all is now fine. I personally don't understand enough of the CGNAT tech but even if I set the currently assigned Public IP address on Duck DNS the port forwarding of my TP Link router could not work.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Yes CGNAT will not work with this method and that’s something I should have mentioned in this video. CGNAT is very popular in the US, but less used in the UK although I suspect that will slowly change over time due to cost.

    • @jonathanthomson5000
      @jonathanthomson5000 ปีที่แล้ว

      A perfect use case for Cloudflare tunnels. I run my Home Assistant instance using CF, there’s a HACS package to install it and it works without a static IP, dynamic IP or without punching holes in your firewall.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +2

      Yeah I think Cloudflare tunnels (or similar solutions) are going to be the future as IPv4 addresses become more infrequently used by ISPs on home broadband connections. My preference for the NGINX method is less reliance on third parties (yeah, I know, DuckDNS / LetsEncrypt - but even they can be worked around if necessary) but eventually I think proxied tunnels like Cloudflare are going to be the way forward, but how long they can offer that for free for is anyone's guess.

  • @geirvalsvik1780
    @geirvalsvik1780 2 ปีที่แล้ว +1

    Great video, easy step-by-step guide to setting up DuckDNS and port forwarding. I'm using this and also NGINX for my remote access to HA, it works fine. Only question I have that you may know the answer to: What happens when my Internet Service Provider change my external IP adress, will the DuckDNS addon in HA take care of updating the new IP adress to DuckDNS?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว +1

      Yup you’ve guessed it. The add-on is monitoring your external IP address and updates the Duck DNS record accordingly

    • @geirvalsvik1780
      @geirvalsvik1780 2 ปีที่แล้ว

      @@SpeakToTheGeekTech Super, that is good news! Thanks for the reply :)

  • @daftfool
    @daftfool 20 วันที่ผ่านมา

    I can access via the duckdns provided IP:Port (Not https) but cannot access via domainname.. I feel like this must be something really trivial but I cannot work it out, any ideas?

  • @MarkHorne-i4q
    @MarkHorne-i4q 4 หลายเดือนก่อน

    Thank you for putting this together. I'm stuck at the last stage, suspect it is as I have a sky router which is then connected to a deco mesh network - should the port forwarding work anyway, or is an additional step needed for having an extra stage in my setup?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  4 หลายเดือนก่อน

      You’ve probably got double NAT so you would have to forward twice. Very complicated if you don’t know how and not something I can talk you through.

    • @muneeb.janjua
      @muneeb.janjua 2 หลายเดือนก่อน

      @@SpeakToTheGeekTech I've had same setup with a different ISP (Internet -> ISP Modem -> Deco Mesh Network -> HA). I have been trying to forward twice but it doesn't seem to work. I'll keep posted about the results

  • @ItayPollak
    @ItayPollak ปีที่แล้ว +1

    Wow. Nice. Very simple to follow. Will check later!

  • @Renvilo
    @Renvilo 6 หลายเดือนก่อน

    Awesome tutorial!! Works with no issues.

  • @michaelvilla696
    @michaelvilla696 11 หลายเดือนก่อน

    Thank you so much!!!!! I've finally made it work properly! My problem was that, i think, my router is using for itself port 443, that anyone on the web says to use. Changing that port fixed my problem! Just one question. I've also forwarded port 80 to 80, as a saw in other tutorial, for using local http. Is it ok?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  11 หลายเดือนก่อน +1

      Hi, you can forward 80, but you forward 80 to 8123 because that's what Home Assistant uses. I'd suggest you don't though, much better to forward your HTTPS port only on your router, and then access your Home Assistant server using HTTPS remotely as you have already configured, or HTTP on TCP 8123 via the IP address if you want to do so locally.

  • @PaulBlouch
    @PaulBlouch 7 หลายเดือนก่อน

    Dude, you rock! That was a good tutorial and easy to follow.

  • @konstantinoschristopoulos548
    @konstantinoschristopoulos548 หลายเดือนก่อน

    Hi there, this video is more helpful than anything else I have watched so far. I have managed to follow the steps explained during the video, and I can say that I can access my homeassistant when I am connected to my local network using the my custom duckdns url. However, I cannot access my homeassistant via external networks and I think it's because I am running a virtual machine (VirtualBox) to be able to communicate to my homeassistant. Any suggestions? Thanks!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  หลายเดือนก่อน

      That's not something I could easily talk you through in TH-cam comments. The solution will work for you in your setup, but you have to make sure you have configured your VirtualBox networking correctly so as HA has a dedicated IP address on your network and it's not hidden behind another layer of NAT.

    • @konstantinoschristopoulos548
      @konstantinoschristopoulos548 หลายเดือนก่อน

      @@SpeakToTheGeekTech Thank you for your quick reply, I’ll try to sort it out checking my network adapter configuration then. I am currently using the bridged adapter option which I think is the most suitable to give my VM its own IP. If it gets too complicated I’ll try a different method, thanks again!

  • @bjornandersen1060
    @bjornandersen1060 3 หลายเดือนก่อน

    This was excellent and I could follow almost all of it to the letter. However, one thing got me stumped, when adding the line to the config.yml file, it is said that this is NGNIX subnet url, but I couldn't really understand where to find this?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  3 หลายเดือนก่อน

      If you have a standard install of Home Assistant OS then just type it exactly the same as I have.

  • @martinflaig4354
    @martinflaig4354 2 ปีที่แล้ว +2

    Thank you very much, easy to understand and worked for me.

  • @khanx071
    @khanx071 10 หลายเดือนก่อน

    Great video, all except the add-on part worked for. On the full article It talks about ESPHome fix, it says apply the fix if external URL gives issues with add-on, however I had the opposite effects, the external URL works fine but the internal URL has "401: Unauthorized" error.
    Any pointers to how to fix that.
    Again, great video on how to get things setup

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      Are you definitely using the internal port 8123 and http not https when trying to access internally?

    • @khanx071
      @khanx071 10 หลายเดือนก่อน

      @@SpeakToTheGeekTech I doubled checked everything and had cleared my cache, however after restarting the windows PC to access HA worked locally, it's working now

  • @alanbennett3812
    @alanbennett3812 2 หลายเดือนก่อน

    Perfect video. Very clear and precise. Thanks.

  • @jarmonieminen5136
    @jarmonieminen5136 ปีที่แล้ว

    Thank you for sharing this useful video. I have NGINX and DuckDNS up and running and no any errors on the log file. But not able to get a secure connection. Any hints/tips what to take a look at please?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Hi, firstly you need to make sure your ISP has given you a public IP address and is not using something called CGNAT. Then check you have port forwarding enabled on your router, and also only test access from an internet connection that’s external to your Home Assistant installation

    • @jarmonieminen5136
      @jarmonieminen5136 ปีที่แล้ว

      @@SpeakToTheGeekTech thanks for your quick reply! I was double checking all the configurations. I noticed these lines were missing from my configurations.yaml file: ssl_certificate: /ssl/fullchain.pem, ssl_key: /ssl/privkey.pem - and now it works well.

  • @martinbrown809
    @martinbrown809 ปีที่แล้ว

    Excellent Video, well explained. Your way of doing this worked first time. Keep up the good work

  • @andregordo
    @andregordo หลายเดือนก่อน

    whats the difference between nginx and the nginx proxy manager?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  หลายเดือนก่อน

      "NGINX Home Assistant SSL proxy" is the add-on demonstrated in this guide and is intended to just manage the secure remote access of the Home Assistant server on which it is running. "Nginx Proxy Manager" is much more advanced and allows that same functionality, but also the ability to proxy other services running on other servers, or use multiple certificates, etc.

  • @arikontiainen
    @arikontiainen ปีที่แล้ว

    Thank you for this very clear tutorial. I found the video (and yout blog post) easy to follow and I’ve been implementing the changes as described - but for some reason I just don’t get the connection to work. DuckDNS and NGINX logs look good, mobile router configuration is ok and HA configuration changes, too. I even implemented the ESPHome changes, because I do use that add-on. But no, I don’t get the connection from outside. Any hints on where & how to debug this? (And yes, I have a public IP address in use 😅)

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Have you tested it from outside of your network?

    • @arikontiainen
      @arikontiainen ปีที่แล้ว

      @@SpeakToTheGeekTech Found the problem & now everything works ok. My mobile operator had a different APN to be defined in the 4G modem for the subscription which has public IP address capability.

  • @MrMgoose
    @MrMgoose 2 ปีที่แล้ว +1

    I followed the video. External access works great. But File editor and zwavejs2mqtt says 401: Unauthorized when accessing from a local IP. For external it works. What could it be?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      I’ve not seen that at all before. Are you accessing it locally using http not https?

    • @MrMgoose
      @MrMgoose 2 ปีที่แล้ว

      @@SpeakToTheGeekTech Locally, http. I solved by accessing with external url (https) even when I'm on a local computer. Google Chrome (used at work) also claims that HA is 'Dangerous' and that I should avoid revealing my password. The policies at my workplace don't like redirects, perhaps that's why?

  • @larsholm6126
    @larsholm6126 2 ปีที่แล้ว +1

    What an amazing tutorial. Works like a charm. Thanks!

  • @peterliakopoulos7149
    @peterliakopoulos7149 วันที่ผ่านมา

    Sorted that problem out! Went through to the end but cannot for the life of me access the new domain name!!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  วันที่ผ่านมา

      There could be so many things causing the problem that it's impossible for me to say what the specific issue is in your situation sorry. You'll have to go through logs for the add-on, and also confirm you have a public IP address not a private one on your router, confirm that port forwarding is working, test it from a different internet connection, etc. Piece by piece troubleshooting ruling out one component at a time.

  • @srenthorup6300
    @srenthorup6300 7 หลายเดือนก่อน

    Thanks for this guide! - works like a charm!

  • @dilpreetsohanpal3062
    @dilpreetsohanpal3062 8 หลายเดือนก่อน

    Absolutely brilliant tutorial. Thank you for sharing

  • @silr3088
    @silr3088 ปีที่แล้ว

    This video was super useful and it worked fine for me for couple of months, but after the new release of HASS the part to add your Duckdns address to the home assistant URL is disable and it stopped working. any idea how to fix this? thankls

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Not sure why's it's disabled, but there's an option to edit the configuration in YAML. On the add-on config page, three dots in the top right, choose Edit in YAML. You should be able to edit the config to have your domain in the list at the top:
      domains:
      - YOURDOMAIN.duckdns.org

  • @cardynal785
    @cardynal785 8 หลายเดือนก่อน

    hi
    i have problem with router, i have old tplink wr941n so i cant find port forwarding list in menu i dont know how to find it. if you can please help thank you

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  8 หลายเดือนก่อน

      I can be of no more help with that than Google can be: www.pcwintech.com/port-forwarding-tp-link-tl-wr941n-tp-link-firmware

  • @anubhavjain700
    @anubhavjain700 5 หลายเดือนก่อน

    will I need static ip in order to do port forwarding ?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  5 หลายเดือนก่อน

      Usually yes. You can either configure this manually in Home Assistant, or you can assign as a reservation in your router's configuration so as it always gives Home Assistant the same IP address. Otherwise if the IP address of Home Assistant changes, your forwarding rule will be pointing to the wrong location.

  • @cc789cc
    @cc789cc หลายเดือนก่อน

    thank you! Very clear and detailed

  • @whereswardlaw
    @whereswardlaw 9 หลายเดือนก่อน

    Dear Mr Geek, I liked this video and think I will give your setup a try. Will the HA app on my Android phone work as well or will I have to use my phone browser? Thanks!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  9 หลายเดือนก่อน +1

      Yup once you have set it up you can use your new external url in the app too

    • @whereswardlaw
      @whereswardlaw 9 หลายเดือนก่อน

      @@SpeakToTheGeekTech Nice. Think I'll work on that today...

    • @whereswardlaw
      @whereswardlaw 9 หลายเดือนก่อน

      @@SpeakToTheGeekTech Well, I started following your guide last Tuesday... took about 15 minutes to implement your fine instructions. However, I came to find out that Starlink does the CGNAT thing and a simple duckdns won't fix it. So, do I VPN tunnel or do I bite the bullet and go full IPv6!? After a 4 day learning journey I pulled the switch and converted to IPv6 on my home network and all seems to be working. I still don't fully understand some IPv6 stuff and Duckdns doesn't like it yet (still working on that) but I can access HA remotely with my new IPv6 public address:port number... Still some bugs to work out but I'm happy, happy, happy! Thanks for spurring my adventure.:
      Starlink set to Bypass mode
      gl.inet Beryl router set to IPv6 mode
      Router firewall set to open port 8123
      2 factor authentication turned on in HA
      Cheers
      Eric--

  • @hija97
    @hija97 6 หลายเดือนก่อน

    This method just suddenly stopped working for me even though it has been rock solid for the past 6 months. Any help would be greatly appreciated. Thank you!!!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  6 หลายเดือนก่อน

      There are so many places it could have fallen over that it's impossible for me to assist easily. Start with the obvious, run through the configuration process step by step making sure each stage is working before checking the next.

  • @SoeLay-wh9uf
    @SoeLay-wh9uf 10 หลายเดือนก่อน

    I do have static ip from my service provider. I tried to use static ip instead of ddns but I can't. Could you give me some advices please if you don't mind?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      https only works properly with a hostname because the certificate is tied to the domain. If you try and use an IP address you'll get browser warnings.

  • @Hans-gj3vk
    @Hans-gj3vk ปีที่แล้ว

    Super tutorial. Thank you very much!!! Works great.

  • @unknown5901
    @unknown5901 ปีที่แล้ว

    Does this work also for the Mobile App?

  • @RaffaeleLongobardiUmibozu83
    @RaffaeleLongobardiUmibozu83 2 ปีที่แล้ว

    Excellent guide and easy to follow even for those who know little English. Greetings from Italy

  • @michaelmcgoldrick78
    @michaelmcgoldrick78 ปีที่แล้ว

    instead of file editor is there another option? it wont start on my home assistant when installed - thanks!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      There’s the Filebrowser add-on, or if you’re feeling adventurous the Samba share add-on which will let you browse to the confit share on your server itself and edit the files using whatever local text editor you like.

  • @fabriziooddo9245
    @fabriziooddo9245 10 หลายเดือนก่อน

    Thank you for the tutorial. NGINX keeps stopping automatically, the log says "stat: can't stat '/ssl/fullchain.pem': No such file or directory". Any idea on how to fix it?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      Sounds like the duckdns addon hasn’t obtained your certificate for your hostname

    • @fabriziooddo9245
      @fabriziooddo9245 10 หลายเดือนก่อน

      @@SpeakToTheGeekTech thanks for the advice, I reset duckdns to default settings, created a new domain and started the process once more. This time I kept an eye on the duckdns log and the certificate was obtained correctly. All working now. I have also added an ip ban with login attempts threshold in yaml for extra safety but not sure if it was necessary.

  • @freesty
    @freesty 11 หลายเดือนก่อน

    Hello. I don't know what I did wrong but doesnt work for me.
    I have qnap NAS running home assistant in virtualization station. I also have modem/router set to bridge mode and connected to xiaomi AX3000 mesh system to which qnap is plugged in.
    I did everything in the video. I opened the port 8126. I tried using the qnap's IP and also tried it with HA's IP. Still cant connect to the duckdns url.
    Any clues?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  11 หลายเดือนก่อน

      So many cogs in that to inspect. Firstly make sure Home Assistant has a normal LAN IP address and hasn't been NATd behind your NAS's IP. You must be able to access Home Assistant on the local IP address on both ports 8123 and 8126 (if that's what you've configured on NGINX) on your local LAN before trying to access remotely.

    • @freesty
      @freesty 11 หลายเดือนก่อน

      @@SpeakToTheGeekTech Thanks for the fast answer. If i check my router, the HA's IP ends in .73 and the NAS's ip ends in .65. I opened the port 8126 on ip .73. But i can connect to HA locally on the port 8123 but not the 8126. So that is my first problem i guess. You might know how to fix it?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  11 หลายเดือนก่อน

      Trying to connect locally to the IP address using https on 8126 will not work, but you should get an SSL-related error (Chrome would say ERR_SSL_UNRECOGNIZED_NAME_ALERT for example) which indicates that it is at least reachable in theory. If you get that far then the problem is either with your forwarding (assuming you have other stuff working like this forwarding ports through to your NAS?) or your NGINX configuration. If you don't get that far then it could be your virtualisation platform or NAS blocking that port. Basically you have to go through each individual component and rule it out one by one, there's too much to diagnose in one go.

  • @kobedde
    @kobedde ปีที่แล้ว

    Thank you for this clear tutorial.
    However, I have a problem. NGiNX cannot start. "Port '8123' is already in use by something else on the host."
    When I change the port I get the same error message.
    Who can help me here?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      It sounds like you might not have followed my guide correctly - NGINX shouldn't listen on 8123 because that's Home Assistant's port, you need to configure it to use a different port. My guide suggests using 8126 in the NGINX configuration. It must be a port not already in use on your Home Assistant server.

    • @kobedde
      @kobedde ปีที่แล้ว

      @@SpeakToTheGeekTech Indeed, this is the solution. Shame on me 😔
      Thank you for your support!! 👍

  • @HansLaros
    @HansLaros 11 หลายเดือนก่อน

    Excellent tutorial. Many thanks!!

  • @ched999uk
    @ched999uk ปีที่แล้ว +1

    very helpful and well explained. Thanks

  • @Kvano333
    @Kvano333 2 ปีที่แล้ว

    Thank you! Everything worked like a charm.

  • @MrRobatoTomato
    @MrRobatoTomato 23 วันที่ผ่านมา

    For microphone to work, do I need https also in the internal network?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  23 วันที่ผ่านมา

      Microphone? That's not really anything related to this tutorial. This is all about accessing Home Assistant remotely - your microphone is very much a local piece of hardware and only exposed to the local system for specific software to interact with, so the only real connection between my tutorial and a microphone would be if the add-on or integration you are using with the microphone needs to be made available remotely.

    • @MrRobatoTomato
      @MrRobatoTomato 23 วันที่ผ่านมา

      @@SpeakToTheGeekTech You are right that my question may deviate from the topic of the video. I am looking for a secure way to access HA remotely, *while* enabling voice features of HA. Apparently https is required for voice access (SIP doorbells or voice assistants). So in my case, I think I will need https connection in the internal network as well. Thanks for taking the time, sorry if this is off-topic.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  23 วันที่ผ่านมา +1

      You might be correct, HTTPS is required for a number of things in HA even locally (such as secure ESPHome updating) so it wouldn't surprise me if it's also required for other purposes. My tutorial would also enable HTTPS to work from your internal network - I use my external address over HTTPS to access Home Assistant most of the time even if I'm on the same LAN.

    • @MrRobatoTomato
      @MrRobatoTomato 23 วันที่ผ่านมา

      @@SpeakToTheGeekTech 👍In that case, do you have a fallback in case internet is down?

  • @TonyWheeler60
    @TonyWheeler60 ปีที่แล้ว

    Thanks - a great video that was easy to follow. I've now got secure external access :). I noticed that you used the file editor to go up a level out of config. I am using a Raspberry Pi install. Should I be able to see files and folders above the config folder? I'd guess so but both of my HA installs deny me that access. Have I missed something? I can access above this level via Samba share to Windows but was surprised top see you navigate above config with HA.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Yes, but it's not enabled by default. Go to the File Editor add-on's configuration page and UN-check the option to Enforce Basepath.

  • @stefanlaterra5797
    @stefanlaterra5797 2 ปีที่แล้ว

    In the Network settings of home assistant: I only have Hostname and configure network interfaces as options, I do not have home assistant URL or Network adapater?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Hi, that sounds like you need to enable Advanced Mode first, see 6:36 in the video: th-cam.com/video/zbchVXoMskk/w-d-xo.html

  • @ShankarJadapa
    @ShankarJadapa 2 ปีที่แล้ว

    One of my component Konnected device stopped working after this implementation. Konnected configured on http and after this implementation it became https. How to fix this

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว +2

      This external access method does not change the internal unencrypted http access option. Perhaps the integration is not auto-detecting the URL properly and you need to manually set the “Override default Home Assistant API host panel URL” in the Konnected integration configuration. See that on the integration page: www.home-assistant.io/integrations/konnected/

  • @ErezMaruani
    @ErezMaruani 5 หลายเดือนก่อน

    I do exactly as you explain the ports are open but it doesn't work.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  5 หลายเดือนก่อน

      Has your ISP possibly given you a private IP address instead of a public one?

    • @ErezMaruani
      @ErezMaruani 5 หลายเดือนก่อน

      @@SpeakToTheGeekTech No! My address is public.

    • @ErezMaruani
      @ErezMaruani 5 หลายเดือนก่อน

      @@SpeakToTheGeekTech No. My address is public.

  • @harutmikayelyan1701
    @harutmikayelyan1701 2 ปีที่แล้ว

    Thank you very much. If it is not difficult, can you also show, how to set up with VPN like Tailscale or Netmaker?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      It looks like there's a HACS component available for Tailscale. I've never used the service myself but I'll investigate. Initial thoughts are that it looks really easy to configure so there might not be much of a video to make.

    • @lmelin1959
      @lmelin1959 ปีที่แล้ว

      @@SpeakToTheGeekTech I'm stuck behind CGNAT so port forwarding is a solid no-go for me as well. But with tailscale I had a VPN tunnel working in minutes. (IMHO Tailscale set is miles ahead of cloudflare and zerotier in terms of easy setup). So that solves my remote access needs, but what's missing now is https. I've been fighting with this for hours, playing with duckdns let-encrypt etc, and I cannot get the HA webserver to give me a https connection. I just want https so chrome will let me use the microphone for voice assist. If you have time, I sure could use some advice on the right way to solve this.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      The thing is, the Cloudflare solution would solve that problem for you...

  • @Ablk84
    @Ablk84 ปีที่แล้ว

    Great video thank you; unfortunately while I can get it to work fine from my web browser the very same URL in the HA companion app won't work and says bad URL :(
    Edit: Fixed it... my nextdns was blocking the domain! I'll leave this comment here just in case someone else does the same...

  • @Muppetkeeper
    @Muppetkeeper 2 ปีที่แล้ว +1

    Looks good, I’ll give this a go and hopefully it will also be good 👍🏻

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      I’ve been using this method myself now for almost a year and prefer it to the alternatives out there.

    • @Muppetkeeper
      @Muppetkeeper 2 ปีที่แล้ว

      @@SpeakToTheGeekTech sorry, I wasn’t clear, I’m sure your solution is great, it’s my ability to implement it is what is in doubt 😢

  • @olivername
    @olivername 11 หลายเดือนก่อน

    I done this but the SmartThings url says webhock not reachable and can,t access dock dns url external way any help would be great

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  11 หลายเดือนก่อน

      There are so many components involved here it’s impossible to diagnose from what you’ve said, but you need to go through each stage in the guide and confirm they have individually worked until you find the point where the fault is

    • @olivername
      @olivername 11 หลายเดือนก่อน

      Can I use 8123 port too or another one

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  11 หลายเดือนก่อน

      Another one. 8123 is for Home Assistant unencrypted so you must configure a different port to be used by NGINX for the https access

    • @olivername
      @olivername 11 หลายเดือนก่อน

      @@SpeakToTheGeekTech I use 8126 but comes up with 400 Bad Request
      The plain HTTP request was sent to HTTPS port

  • @remkovanderweide7061
    @remkovanderweide7061 ปีที่แล้ว

    Thanks for the great explanation. Worked well for me. However, after three months my SSL certificate expired and was not renewed. This may be because I am using an alias. Should your method be suitable for having DuckDNS automatically renew the SSL certificate? Basically you install the SSL certificate with DuckDNS and then dodge the DuckDNS SSL entry, using NGINX to establish the secure connection.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      My method, using the Duck DNS add-on and configured exactly as I demonstrate in this video, will automatically renew the certificate before it expires. I've had it running for at least two renewal cycles so far (last renewal was December 11th, just checked!). The Duck DNS add-on manages the renewal and I never have to get involved - the certificate is placed in a location that NGINX can also read meaning that the two add-ons work together to procure and use that certificate without needing any special configuration from the end user. If you add in an alias or other configuration/complications then I couldn't say how that would react as I've never had the need to experiment with those options.

    • @whiteravenagain
      @whiteravenagain ปีที่แล้ว

      I have the same issue with DuckDNS and no solution yet.

    • @remkovanderweide7061
      @remkovanderweide7061 ปีที่แล้ว

      Thanks @@SpeakToTheGeekTech for your response - without using the alias, renewal of the certificate works fine!

  • @jsjiang6120
    @jsjiang6120 10 หลายเดือนก่อน

    I followed your instruction and external URL works properly, but interal URL can no longer work. It'll be a problem when the internet is down.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      My guide doesn’t change the internal URL at all, it only configures NGINX as the proxy for external access. Are you certain you are accessing internally using http not https and with the correct port 8123?

    • @jsjiang6120
      @jsjiang6120 10 หลายเดือนก่อน

      @@SpeakToTheGeekTech I can access internal URL by http, but some add-ons such as Terminal & SSH, Studio Code Servers can't work anymore. These two add-ons are most often used. If the internet is down, it'll be a problem. Is there a way to make these two add-ons work?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      Terminal & SSH works just fine for me on the internal URL, I don't use Studio Code so can't comment. All I can say is that my guide does not change anything at all do to with local access, you are purely configuring NGINX which is a separate service running on a separate port that forwards through to the internal unencrypted port. That was the whole point of my method - to leave the internal unencrypted access method alone and avoid local access issues.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  10 หลายเดือนก่อน

      But maybe have a good look in your configuration.yaml file at the http section and in particular the trusted_proxies list to make sure you have that section correct.

    • @jsjiang6120
      @jsjiang6120 10 หลายเดือนก่อน

      @@SpeakToTheGeekTech First of all, thank you for the answers and nice video. My http section is i.imgur.com/QIDCzRn.jpg and the Terminal SSH is i.imgur.com/uqvUsvg.jpg with error message 401:Unauthorized. I suppose the Terminal needs SSL, which becomes unavailable after ssl_key and ssl_certificate being marked in configuration.yaml.

  • @Silveran
    @Silveran ปีที่แล้ว +1

    Very usefull video, thanks !

  • @georgebunoiu
    @georgebunoiu ปีที่แล้ว

    Thank for your presentation !!!

  • @Muppetkeeper
    @Muppetkeeper ปีที่แล้ว

    I’ve done all of the steps in the video, and can access my HA externally, but for some reason the web browser is saying that its “Not Secure”. That’s a bit strange

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      Usually the browser will give you a bit more information about why it considers it not secure. Are you accessing it from an external internet connection, i.e. external to the network on which Home Assistant sits? If so, things to look for are whether the certificate the browser sees is valid, and making sure that you're using https not http in the address.

    • @Muppetkeeper
      @Muppetkeeper ปีที่แล้ว

      @@SpeakToTheGeekTech thanks, I will investigate further

  • @TheDiabeticWay
    @TheDiabeticWay ปีที่แล้ว

    Thank for your video! I'm getting a error can you help on this please? Failed to save add-on configuration, Missing required option 'domains' in Duck DNS (core_duckdns). Got

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      That suggests that you either haven't added your duckdns domain name to the add-on configuration, or it didn't save correctly. Go and check that config page and you should see your domain name in a little bubble above the Domains field. If you switch to YAML mode on the config page (tap the three little dots in the top-right and choose Edit in YAML) then there should be lines of config saying:
      domains:
      - YOURDOMAIN.duckdns.org

    • @TheDiabeticWay
      @TheDiabeticWay ปีที่แล้ว

      @@SpeakToTheGeekTech Thanks I finely figured what I had done wrong! On entering the Domain Name I had not clicked on the x at the side of it took me a few attempts but got there in the end. Onto yaml file now! thanks! :-)

  • @tinkerer3954
    @tinkerer3954 2 ปีที่แล้ว

    Great video but for some reason this just does not work for me I’ve followed you video to the letter the new web address just isn’t loading up. I am running it on a pi 3 connected straight to my router WiFi extender.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      You’ve managed to forward the port on your router to your Pi’s internal IP address ok? If that’s definitely ok then you should check if your router’s external IP address is public or not (Google what’s my IP). If it’s 10. 192.168. or 172.16 something then your ISP is giving you a private IP which means you’d need to use a different method (such as Cloudflare tunnels). That’s not common though on UK broadband, so if you’re UK based then my bet is on something being slightly mis-configured.

    • @tinkerer3954
      @tinkerer3954 2 ปีที่แล้ว

      No I am US based. Yes I was able to do port forwarding with no issues. I’ll check the other stuff thank you for your help

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว +1

      I *think* (very happy to be corrected here) that it's a lot more common in the US for ISPs to give you a private (non-internet routable) IP address, so you're effectively behind a CGNAT on your own router. The only way to allow inbound traffic in that scenario is using some sort of external proxy that tunnels in. Have a look at this guy's video which will show you how to use Cloudflare to get around that. th-cam.com/video/xXAwT9N-7Hw/w-d-xo.html

  • @zenpodstateoftheartgardenb4120
    @zenpodstateoftheartgardenb4120 ปีที่แล้ว

    Why bother with encryption if you are going to let Amazon into your private network?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Do you mean why am I not just using Amazon to control everything, or are you suggesting there's no point encrypting inbound traffic if I'm letting Amazon in anyway? If it's the former, it's because that's how I prefer to control my home remotely (either that or via Apple Home). If it's the latter your argument is confusing the issue of security over public networks (against all sorts of miscreants) with one of trust and security with a large third party who has potentially conflicting interests in your data. Both valid security concerns, but both totally unrelated.

    • @zenpodstateoftheartgardenb4120
      @zenpodstateoftheartgardenb4120 ปีที่แล้ว

      @@SpeakToTheGeekTech My only point is that by securing your smart home it suggests you want to have no one else have access to or control of your devices and service whereas by using Alexa you are letting Amazon do exactly that...
      Amazon created Alexa to enable it to build a profile of each user so that it can market based on knowledge accrued via these means, eg. it has your permission to listen to everything that it can pick up and so you elect to give away your privacy by using it.
      More importantly, perhaps, is the greater and greater emphasis given to "political correctness" and so your actions and words could easily be interpreted as going against the "new rules" and Amazon could shut you off from having any control over your own network which is happening more an more regularly.
      This is just an example of someone who suffered that very loss of control: th-cam.com/video/NfiIXooD77s/w-d-xo.html
      It's totally doable now to secure the outside against attack while retaining control by using local voice activation solutions without selling ones privacy out to the likes of Google, Amazon, et al...

  • @macthaidhg
    @macthaidhg 2 ปีที่แล้ว

    Nice guide! Everything was working fine until I installed the iOS companion app - the external url causes an invalid certificate error when using the app on the local network. The app will not switch to the internal url. Android companion app works perfectly fine home or away

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Thank you. I have it working with no issues myself, in the companion app settings you need to make sure that the internal URL is using http not https and the unencrypted port, so for example my internal URL is 192.168.1.12:8123

    • @macthaidhg
      @macthaidhg 2 ปีที่แล้ว

      @@SpeakToTheGeekTech thanks. Just checked and everything is set fine. I think there is a problem with iOS. When I join the local wifi the app still thinks it should be using the external url. I have added the wifi ssd to the ios app so it should know to switch to the internal url

  • @BYOOx5
    @BYOOx5 2 ปีที่แล้ว +2

    Great info!

  • @chrisfliesser541
    @chrisfliesser541 หลายเดือนก่อน

    Not working for me unfortunately. My port forwarding IP address starts with a 10. is that bad?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  หลายเดือนก่อน

      Is the 10. address your external (WAN) address or the internal one of your Home Assistant installation?

    • @chrisfliesser541
      @chrisfliesser541 หลายเดือนก่อน

      @@SpeakToTheGeekTech the reserved IP address on my router for the 8126 port forwarding.

    • @chrisfliesser541
      @chrisfliesser541 หลายเดือนก่อน

      My local IP address on home assistant also starts with a 10.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  หลายเดือนก่อน

      Yeah that should be fine then

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  หลายเดือนก่อน

      The IP address of Home Assistant and the IP address that you are forwarding a port to should be the same

  • @kozfelipe
    @kozfelipe ปีที่แล้ว

    this is deprecated for 2023 version but it helped me

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Hi, which part is deprecated and do you have a link to info about that? I'm still running with this method just fine, but if there's something deprecated I could do with knowing so as I can make an updated guide. I've not seen anything myself.

  • @johnwilkins2023
    @johnwilkins2023 ปีที่แล้ว

    I tried to follow your brilliant tutorial but got stuck when trying to enter my duck dns domain under configuration/options in HA. I have registered the domain in DUCK DNS and I have the token but when i type in the domain name its just not found or recognised. Any Help appreciated?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      When you say not found or recognised, what actually happens and when do you see this error? When you type your domain into the configuration page (so just yourchosenname.duckdns.org with no or anything and press enter), it's not doing any checking at that point to my knowledge. It's only when you start the add-on that the checks on the domain happen.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      I've just had a quick play with the add-on and it looks like there may be a bug in the GUI that doesn't allow you to type in your domain. (bug is here: github.com/home-assistant/addons/issues/2839 so you might want to add your name to the list so as you can keep an eye on the progress). As a workaround on the configuration page you can click the three dots and choose 'Edit in YAML'. You'll then need to make sure that the configuration starts like this:
      domains:
      - yourchosenname.duckdns.org

    • @johnwilkins2023
      @johnwilkins2023 ปีที่แล้ว

      @@SpeakToTheGeekTech yes i just enter the domain name without the bit and press enter. nothing changes unlike in your example where the domain appears in a bubble above. Then when I click on Token , the domain name is cleared

    • @johnwilkins2023
      @johnwilkins2023 ปีที่แล้ว

      @@SpeakToTheGeekTech brilliant, thanks do much for your help.

  • @darrelriley
    @darrelriley 2 ปีที่แล้ว

    I could never get this to work, gave up after trying for the whole weekend , so i reinstalled Home Assistance from the beginning and I still get the same error after entering port 8123 in NGINX.
    I'm running Home Assistance on VirtualBox. error = "Failed to start add-On" "Port '8123' is already in use by something else on the host'"

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Port 8123 is already in use by Home Assistant, you need to enter a different port to use. I used 8126 in my video. So NGINX will listen on port 8126 and send requests through to Home Assistant which is listening on port 8123

    • @darrelriley
      @darrelriley 2 ปีที่แล้ว

      ok thanks, got it working now.

    • @ramkiraman4636
      @ramkiraman4636 ปีที่แล้ว

      @@SpeakToTheGeekTech I also tried this approach with HA installed as a VM in linux - however, I just cant seem to connect to the secure version. What diagnostics or logs can I check to see how I could fix this.- thanks

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Very tricky question to answer. The first place I would check is the networking configuration for your VM. Ideally this should be using pass-through networking, i.e. your VM has its own IP on the same LAN as the host you are running it on, which is different to that of the host. My guess is you may have set it up as NAT networking, meaning your VM is hidden behind the IP of your host server and you may have to punch holes through like you would on a router (port forward). You should check that your secure port is listening on the host from another machine (use telnet if you have Windows) or nc on Linux (nc -z -v -w5 )

  • @Wild1000Cat
    @Wild1000Cat 7 หลายเดือนก่อน

    This crashes for the first time at 6:01 HA doesn't accept address 172.30.33.0/24, also crashes at 7:18 doesn't accept new address.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  7 หลายเดือนก่อน

      If your browser or Home Assistant is crashing for you when you save text configuration files then you have much bigger issues I think. This method is the one I still use for my own installation and have set it up recently too for others so I know it's still valid. HA does accept the 172 address exactly as per the tutorial. I've set this up on various types of Raspberry Pi installations so I can't comment on how well this works if you have Home Assistant configured in other environments.

  • @JasperStevens80
    @JasperStevens80 2 ปีที่แล้ว +1

    Thanks, very usefull and clear!

  • @ArisdePeuter
    @ArisdePeuter ปีที่แล้ว

    I watched the video a few times, very well laid out and easy to follow. I followed all steps as precisely as I could (my router is different but I think I have it - forwarding the right port using TCP to home assistant
    However when I try to connect at the end I get a timeout and when I click diagnostics, it says the URL is online but isnt responding. I dont think this is DNS propogation delay but obviously I missed something somewhere - any thoughts on what is going on?

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว

      Hi, there are so many places to start looking. Firstly make sure that your router has a public IP address and your ISP is not using CGNAT. Make sure you are testing this from outside of your internet connection (so not from the same network that Home Assistant sits on). Make sure that the port on your router is open, configured correctly to point to Home Assistant's NGINX port that you set up, and that external services can see it (try using a port checker such as portchecker.co). If you're concerned about DNS propagation, you can test this using an IP address. You should also be able to check that NGINX is working correctly by browsing to your Home Assistant IP address on the secure port (so for example, 192.168.1.12:8126 instead of 192.168.1.12:8123 or whatever you have configured) - you'll get a certificate error but you should be able to get in as a proof of concept. As you can see, so many places it could go wrong and you need to rule out each part individually.

    • @ArisdePeuter
      @ArisdePeuter ปีที่แล้ว

      @@SpeakToTheGeekTech Thanks for taking the time to respond, I appreciate it

  • @kvmgz
    @kvmgz ปีที่แล้ว

    Thanks a lot! Great video, great tutorial.

  • @GlennPerdicaro
    @GlennPerdicaro ปีที่แล้ว +1

    Fantastic video thnx alot!

  • @JohnThomas-ey1hx
    @JohnThomas-ey1hx 9 หลายเดือนก่อน

    Excellent - thank you

  • @ANDREz69
    @ANDREz69 10 หลายเดือนก่อน

    Genius! thanks a lot!

  • @feri1116
    @feri1116 ปีที่แล้ว

    Thanks a lot, it helped me.

  • @christianpfluger5190
    @christianpfluger5190 7 หลายเดือนก่อน

    Thanks!

  • @shaike01
    @shaike01 7 หลายเดือนก่อน

    Thanks

  • @tiloalo
    @tiloalo 8 หลายเดือนก่อน

    Unfortunately does not work with the shitty Internet network in Germany and the carrier grade NAT my provider use...

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  8 หลายเดือนก่อน

      Yeah sadly that's becoming more and more common now. Try out a Cloudflare tunnel or similar, I've heard people having luck doing it that way instead.

  • @petrpavelek5806
    @petrpavelek5806 2 ปีที่แล้ว

    It looks like very good. But i made everthing with instruction, but still have 500. I dont know where can be mistake. :( .... say hello and thank you from Czech Republic

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Have you tested it from an external internet connection? It’s common for home routers to not support something called NAT loopback which prevents you accessing externally presented services when sitting on that network. Also do you have a public IP address provided by your ISP? This will only work if you do, otherwise you need to look at a third party proxy service such as CloudFlare for remote access

  • @crafter89
    @crafter89 2 ปีที่แล้ว

    This is way to complicated for me. And I don't have the add-on store, too. So I'm just port forwarding.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  2 ปีที่แล้ว

      Fair enough, but if you're just port forwarding to the unencrypted http port (8123 by default) then please be careful where you log on from. Your username and password will be sent in the clear over the network and it's quite easy to capture it.

    • @crafter89
      @crafter89 2 ปีที่แล้ว

      @@SpeakToTheGeekTech I know, but I don't use Home Assistant that much and the password was created just for it.

  • @ldiegosousa
    @ldiegosousa ปีที่แล้ว

    CAUTION: it will work ONLY if you have a public IP address provided by your ISP !!!

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      Yup, very true, although not sure it needed the dramatic emojis! :) If you don't have a public IP address then you'll need to look into other solutions such as Cloudflare Tunnel or just paying Nabu Casa

    • @ldiegosousa
      @ldiegosousa ปีที่แล้ว

      ​@@SpeakToTheGeekTech , emojis removed. I intended to warn about the Public IP requirement. I made the whole process you taught, but just realized about the limitation at the end.

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      You didn't need to, I was only joking! And yes, I should have clarified that in the video but I honestly didn't think about that scenario at the time. Here in the UK it's quite normal to be supplied with a public IP, but I realise that in places like the US it's much more common to be given a private one behind a CG-NAT.

    • @ldiegosousa
      @ldiegosousa ปีที่แล้ว

      ​@@SpeakToTheGeekTech that's exactly what happened. I'm from Brazil, here 99% of the ISP deliver CGNAT. But anyway, thank you for the reply and the other videos which helps the community. Keep it up !

  • @marxdrive
    @marxdrive ปีที่แล้ว

    @speektothegeek I get an error when trying to load page: Secure Connection Failed
    SSL received a record that exceeded the maximum permissible length.
    Error code: SSL_ERROR_RX_RECORD_TOO_LONG
    Any ideas what I did wrong?
    UPDATE - Fixed, I was using 8123 not 8126....doh

  • @etiennetjonsjoesjoe7822
    @etiennetjonsjoesjoe7822 ปีที่แล้ว

    I was wondering, how does the server can be sure of the authenticity of the user. Is there also some sort of client side certificate? Or is it just password authentication

    • @SpeakToTheGeekTech
      @SpeakToTheGeekTech  ปีที่แล้ว +1

      You're using a DuckDNS certificate which is in the trusted chain for starters in order to encrypt the traffic between your browser and the server. Then once connected you authenticate with a username and password. You can also enable 2FA (standard TOTP method) too for additional security. The authentication component of Home Assistant is extendable so it's entirely possible for someone to write a component that allows client side certificate authentication if someone hasn't already done that.

    • @etiennetjonsjoesjoe7822
      @etiennetjonsjoesjoe7822 ปีที่แล้ว

      @@SpeakToTheGeekTech thanks for the clarification.

  • @hollytreecook
    @hollytreecook 11 หลายเดือนก่อน

    Fantastic thanks. Worked exactly as described.

  • @malcolmwarden3052
    @malcolmwarden3052 7 หลายเดือนก่อน

    Thanks!