I have a problem which I cannot figure out.
Above picture is a little sketch of my situation.

I have Home Assistant running internally with ip address .70 on port 8123
This is accessible from the internet using a https://mydomain.duckdns.org (port 443)

On my internet router port 443 is forwarded to 192.168.2.1 : 10080

Alle the rest of my mikrotik is default.

But I cannot figure out why I cannot access https://mydomain.duckdns.org on my internal network, for instance on my laptop.


These are my NAT rules on my Mikrotik:
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none

1 ;;; hairpin nat
chain=srcnat action=masquerade src-address=192.168.88.0/24 dst-address=!192.168.88.1

2 ;;; HomeAssistant external
chain=dstnat action=dst-nat to-addresses=192.168.88.70 to-ports=8123 protocol=tcp dst-port=10080

Well does you Internet router support NAT-Loopback / Hairpin / U-Turn NAT / whats-in-a-name also and was it configured ?
Because without it is normal the router will not know what do to with it and no src-translation will occur.

With a packet capture it is very easy to investigate what happens, does the packet destined for https://mydomain.duckdns.org actually arrived back at the Microtik WAN-interface and what is the apparent source-IP ?
Just enable logging on all these Mikrotik rules so at least you see something where thing are / are not arriving.

This was probably it :-(
What I've done now, is created a new zone on my DNS server with duckdns.org and created an A record for my external hostname.
I pointed this record to my internet Home Assistant server. Oh and I changed the port of Home Assistant to 443.

Now everthing works.

Many thanks !!!