I am having below two issue,
The below one observed from IFTTT make an web request,
1.Applet skipped "If You say "Open Binny", then Make a web request".Unable to make web request: Error: ETIMEDOUT
"I am using this URL http://192.168.43.184:8123/api/services/shell_command/test_cmd?api_password=solo#123"
The below one is observed in home assistant while we call service
2.homeassistant.components.shell_command] Error running command: pwd, return code: 1
can you solve this ? Thanks
The IP (192.168.43.184) you are using in your http-request is a private internal IP (it will only work wthin your home network). You need to use your public (external) IP from your internet router (hopefully you have a public one). But even then, it will not work until you configure your router for a port forwarding, so if a request hit's your external IP (and port) your router should know which server (here 192.168.43.184) should be reached. You need a port forwarding like this: If a TCP conncetion comes to your public IP on port 8123 route it further to 192.168.43.184:8123
But I would suggest to get a DNS-entry like from DynDNS.org because your public IP will maybe change, and then you always have to adapt the IFTTT-URLs. With an DNS-entry you get rid of changing all the URLs out there. Often there is a tool which runs in your lokal network and checks if your public IP has changed and informes DNS-provider and updates the mapping between your DNS entry and your public IP
You need a secure remote connection. You can use duckdns and https cert created with dehydratated
https://www.splitbrain.org/blog/2017-08/10-homeassistant_duckdns_letsencrypt
You can try the new tutorial https://www.home-assistant.io/integrations/google_assistant/ for google assistant connection
Related
I have moved to a new place that provides an ethernet port in the wall which I have attached my router to (using dynamic IP setting). I know how to port forward with my router and it worked fine until now with a DSL connection:
My router provides 192.168.0.X IP addresses to the clients in the house. When I checked my router settings I have noticed that the default gateway and the IP address starts with 172.16 (I have connected to the router settings using 192.168.0.1), while when checking what is my external IP (through whatismyip.com for example) it shows a different IP address. I guess it means that it's a VLAN (I'm not an expert...)
When I enter the default gateway it asks for username and password which I don't have, so I guess this is the main problem. Is there a way to port forward anyways?
Thanks in advance.
the IP address starts with 172.16
That is a private IP address. Unless the port forwarding is also set up on the previous NAT router, there's no way your router can forward from public IP space.
Dual-stage forwarding is possible but requires the real public router's admin to set that up. The only alternative is via a tunnel from another public IP address (port forward from an external server/router into a VPN tunnel that you terminate).
A VLAN is nothing that can help you here.
I just obtained static IP from ISP and configured port forwarding on my Sercomm AOT-4221SR Router
While accessing outside network it works properly and shows webpage of my server however when i connect my machine to same network within LAN and visit website or static IP it shows router page i.e 192.168.0.1 (with original website URL which i entered in browser)
Please help me to solve this.
192.168.0.1 this is a private IP and shouldn't be used. I am guessing that you received a public IP from ISP. Use your public IP and add port forward rules for that IP to your web server IP
X.X.X.X:80 ------------> 192.168.0.x:80
X.X.X.X:443 ------------> 192.168.0.x:443 for HTTPS
X.X.X.X is your public IP and 192.168.0.x is the ip of machine where you are running webserver.
And point your domain name to that public IP. You can add entries in /etc/hosts for testing purposes
What you are looking for is NAT reflection.
It would not work, as most routers, including the Sercomm one does not have NAT reflection feature.
I was in the same boat as you.
What I did:
Let us assume you have 3 devices from which you want to forward ports. After adding the rules in the router, with LAN IPs 192.168.0.A, 192.168.0.B, 192.168.0.C
and your static IP is W.X.Y.Z.
Go to duckdns.org and create a free account.
create 3 entries
somethingdevice1.duckdns.org --> W.X.Y.Z
somethingdevice2.duckdns.org --> W.X.Y.Z
somethingdevice2.duckdns.org --> W.X.Y.Z
Now create static DNS entries as follows (I am using AdGuard instance inside a HASS instance which I am using as DNS, I created DNS rewrite rules there)
somethingdevice1.duckdns.org --> 192.168.0.A
somethingdevice2.duckdns.org --> 192.168.0.B
somethingdevice3.duckdns.org --> 192.168.0.C
Now use these URLs to access your devices withing or outside your local network.
So here is my issue, I have a website hosted from a virtual machine on my server and am using a dyndns service to point a url to my IP. My ISP recently set up a new modem which unfortunately has its own built in gateway and router. After fighting it to forward port 80 I tested it by trying to navigate to the site via the URL and it didn't work, then I tested it on my phone connected to cell data network and it worked! I am able to visit the site via the URL as long as I am not connected to my network. i find this very weird and cannot figure out why.
I am able to view the site on my network by typing in the local IP of the server.
Any suggestions why this might be occurring?
Yes, this is a pain. Usually your modem won't route traffic from inside that's destined for its public IP address.
When you come from outside, the traffic hits the modem from the external line, and the port forwarding rules get applied, and the traffic reaches your web server. But those port forwarding rules don't get applied to internal traffic. You're trying to browse the web server on the modem, rather than on your server.
I did once find a modem that allowed forwarding of internal traffic, but that was a long time ago, and I haven't see one like it since. What I do these days is to use the internal address when I'm on the internal network, and the external address when I'm not. For things that get scripted, I have a little function that determines whether I'm on my local network or not, and programmatically chooses the right way to address the server.
This is because your router does not support hairpinning (or does not have it set up).
From Cisco Support Community:-
The term hairpinning comes from the fact that the traffic comes from one source into a router or similar devices, makes a U-turn and goes back the same way it came.
Visualize this and you see something that looks like a hairpin.
Hairpin NAT is a useful technique for accessing an internal server using a public IP. Since you are using a public IP to attempt to access a server in your network, the traffic will attempt to go out to the internet. In order to reach the server, the traffic will need to be redirected to the correct location.
The problem is how you are doing your internal routing DNS.
You can do DNS Lookup and trace route to see where the Website name is not resolving and whether if you ping the domain e.g. ping something.com return the public IP.
I resolved ours by doing policy routing on website FQDN to go through a different WAN. It's working fine. This works for those with different WAN terminating at the site.
The other way is redo the DNS configuration in internal network.
I was doing my development with Google Drive API using [localhost:8080]. Suddenly I felt to test it in my local deployment sandbox and it has IP address as [192.168.1.1:8080]. And as per that I changed the credential in developer console client callback URL. I am using OAuth2WebServerFlow to get the refresh token using user consent. Then in future I am using the refresh token and OAuth2WebServerFlow to authenticate the user. But I was surprised - I got the error:
That’s an error.
Error: invalid_request
device_id and device_name are required for private IP:
I don't know what is happening or how can I fix it. What is going on, I don't understand
An alternative to editing a hosts file is to use the "Magic DNS" service http://xip.io/ or http://nip.io/ (see edit)
xip.io is a magic domain name that provides wildcard DNS for any IP address.Say your LAN IP address is 10.0.0.1. Using xip.io,
10.0.0.1.xip.io resolves to 10.0.0.1
www.10.0.0.1.xip.io resolves to 10.0.0.1
mysite.10.0.0.1.xip.io resolves to 10.0.0.1
foo.bar.10.0.0.1.xip.io resolves to 10.0.0.1
With this service, you can specify a public-looking domain that resolves to a private address.
In the Console, if your Redirect URI was (what you wish you had anyways):
http://192.168.1.1:8080/auth/google_oath2/callback
Replace it with:
http://192.168.1.1.xip.io:8080/auth/google_oath2/callback
"Redirect URIs" does not seem to accept wildcards, so the entire private ip-xip.io needs to be specified in the console.
I have no affiliation with xip.io; I'm just a satisfied user.
2016 Edit: I've heard reports of instability with the xip.io DNS servers. There is a copy-cat service nip.io that behaves exactly the same as xip.io, but during July 2016, nip.io had a 100% response rate while xip.io did not.
Google will not accept a local (private) IP address when doing Oauth calls. My workaround was to add an entry in my Windows hosts file for the local IP:
\Windows\System32\drivers\etc
192.168.1.2 fakedomain.com
then register fakedomain.com with Google in their dev console. That appears as a "real" domain to them, but will still resolve in your browser to the local IP. I'm sure a similar approach on Mac or Linux would also work.
Edit: Only relevant when developing locally.
Ok, I'm having the same problem on my Mac. Following steps resolved the issue
Go to your google development console https://console.developers.google.com/project, choose credentials and change the callback IP to a domain like http://myflask.com:5000/oauth2callback.
In my case I am using a Flask application, so the 5000 port is necessary.
Next add to your private/etc/hosts file a new entry matching the above hostname to your IP, like so:
# (example IP)
172.1.1.1 myflask.com
Give Google a minute to update your credentials, and visit your site at http://myflask.com:5000
I got the same error until I changed it from an IP address to a domain name, (192.168.1.113 to localhost in my case) so it looks like Google won't accept bare IP addresses.
Use a domain name for your sandbox, or setup a local domain server if you don't have one.
Worth noting that on a Mac you can do the same thing by editing as root:
/private/etc/hosts
Add a similar line as mentioned above
192.168.60.10 fakedomain.com
Modify your file hosts at \Windows\System32\drivers\etc\hosts
add "192.168.1.2 fakedomain.com" into hosts file
restart your windows
Update google console 192.168.1.2 update to fakedomain.com
I'm using the Play Framework which uses http://localhost:9000 by default. I'm also trying something with Twitter and it needs to use a callback url for authentication, but Twitter won't accept http://localhost:9000 as a callback URL.
How can I configure my localhost to map to something like http://mylocal.loc, (similar as with an Apache vhost), instead of http://localhost:9000?
The problem is that the URL needed to be entered in the following format:
http://127.0.0.1:9000/twitter-callback
The above works perfectly as a Twitter callback address.
Twitter isn't trying to access localhost directly, it simply takes the above address as far as I understand, sticks it into the HTTP response header, prompting whichever browser being used to perform a straight forward 302 redirect.
The following blog post had some invaluable information in regards to this question:
http://www.tonyamoyal.com/2009/08/17/how-to-quickly-set-up-a-test-for-twitter-oauth-authentication-from-your-local-machine/
The reason that twitter can't use localhost as a callback url is because localhost is a redirect to your computers loopback interface. In other words, localhost is always the computer that you're on. In order for other computers (including twitter) to access your host, you need to use an external IP address, or a hostname.
To get your IP address, visit whatsmyip. This will tell you your external IP address (which other computers on the internet can access). If you have a static IP address, you can purchase a domain name, or get a free one from something like no-ip or dyndns to make it easier to remember and type. You'll need to point a DNS record from that domain to your IP. You'll also probably need to do some port forwarding and stuff to get it to go to your computer on port 9000, rather than your router (dependent on your network setup).
Possibly an easier option would be to obtain a free hosting/domain service whilst you're testing.
EDIT: josef's problem was not related to the absence of internet access to his local server, see his own answer for what was going on and a solution. This answer handles the case where a local server needs to be visible from the internet.
localhost, aka 127.0.0.1 is the name that on each computer points to the computer itself. So Twitter looks at itself, obviously doesn't see the service, end of story.
If your computer is connected to a local network, most likely that network is NATed and using private addresses like 192.168.x.x, 10.x.x.x or 172.16x.x.x. These addresses are private (not known outside of the local network because not routed on the internet), so that doesn't help you either.
What remains is your public IP address, ie the address your router gets from your ISP. Via DNS you can map that address to a name, a free service that allows you to map a fixed name also to a variable address is DynDNS.
But wait, there is more! Your router protects your network by not allowing traffic originating OUTSIDE the private network IN, unless you define some forwarding rule in the router, in your case a rule that forwards incoming tcp traffic on port 9000 to your machine's port 9000.
Once all that has been taken care of, your computer will be accessible from the outside, and your callback should work.
Edit your hosts file and add the following line:
127.0.0.1 mylocal.loc
For Windows, it is located in C:\Windows\System32\drivers\etc\. On *nix, you can find it in /etc.