Cannot access YunoHost by domain name in LAN or over VPN

My YunoHost configuration

Hardware: BananaPi
Internet access: ethernet at home
YunoHost version:
yunohost: 2.7.12
yunohost-admin: 2.7.12
moulinette: 2.7.12
ssowat: 2.7.12
Have you personalized your yunohost with some specifics configurations or do you use only the yunohost cli/webadmin tool ? basic

Description of my problem

I’m using YunoHost 2.7.12 on a BananaPi. I’m using a FRITZ!Box 7490 as my router at home. I’would like to access YunoHost only via VPN (provided by FRITZ!Box) or on my local (W)LAN, i.e. I don’t want to open any ports (443, 22) on my router if possible.

I also registered at DynDNS services, so let’s say my DynDNS name is I update through the FRITZ!Box and also use as the default domain on the YunoHost and all apps use this domain. I also added as exception to the router’s DNS Rebind protection.

My problem is that I cannot access YunoHost with from my (W)LAN, neither locally nor through VPN. I can access through the IP address though, but that is not what I want because SSO does not work properly without using the domain name. If I open port 443 it works of course.

Any ideas how I can make my YunoHost accessible through its DynDNS name on my (W)LAN? Editing hosts files would be a bad option, because I would need to configure every client separately.

Thanks in advance for your help.

Have you tried to edit the leasetime. it seems that the fritzbox has/had some problems with resolving domainnames in privat networks.

Have you tried to edit the leasetime.

Do you mean lease time regarding to DHCP? This is set to 10 days (default). Not sure how editing this would help in any way, because I set the IP address fixed for the BananaPi/YunoHost.

Hm It’s not entirely clear to me what’s your setup … (especially the VPN part ?)

If I understand correctly, you have something like this ?

            VPN              <--->   BananaPi
Internet   <--->  Fritz!Box      <----> Other device (e.g. laptop)
                             <----> Other device (e.g. smartphone)

and I assume that your domain name points to your VPN’s IP ?

Anyway I’m not sure to understand how you would expect the setup to work with a closed 443 (and others) port… At some point, packets arriving at your Fritz!boxed needs to be transmitted to your BananaPi ?

The way web browser works is precisely to establish a communication on port 80/443 with the server you are trying to contact, so this port needs to be opened somewhere, otherwise it just means that you don’t want to be contacted on this port :confused:

Let’s reduce the complexity of my question a bit and leave the VPN part out for the moment. :wink:
The setup in my LAN is as follows:

Router (
BananaPi/YunoHost (
PC (

From the PC I cannot access the YH with it’s domain name (, only with its IP. But to my understanding this should be possible once I added the domain name to the router’s DNS Rebind protection exception list (which I did).
So it is only about a client-server connection within my private LAN, hence no ports need to be opened on my router. Or do I have a fundamental misunderstanding here?

The leasetime would be interesting if you changed the port->ip…i think.

That’s how things should work.

Have you tried to you use a custom dns?


Do you mean with “custom dns” a solution like this?

No, haven’t tried yet. Btw, in the meantime I learned that it seems not to be possible to point a FQDN (like to an internal IP address with the FRITZ!Box 7490. And it doesn’t support editing the DNS like it is described here:

I meant Setting up dynamic DNS in the FRITZ!Box

And maybe this website (in german) will help?!
Abhilfe: FRITZ!Box DNS löst lokale Namen falsch auf


mr_smithers, thanks for the two links. The second one looks particularly interesting, I’ll try that approach.
Currently my setup is working with edited /etc/hosts on the clients, but I think about setting up a custom DNS with pi-hole.
Thanks for your help! :slight_smile: