Via httpNodeAuth: it is possible to control the access to the /ui
Is there a way to access the /ui from a local address (192.168.1.0/8) without the need to login while access from a remote address there is a need to give user/password?
There is no easy way to apply different authentication rules based on the source address in Node-RED.
I can think of 2 ways to approach this,
use the ui: { middleware: function(req,res,next) {...}}, option in settings.js to implement an express middleware that implements authentication and only enforces it for client IP addresses outside the given range. This is too complicated to run up an example here without some trial and error and testing.
Use something like nginx to proxy for Node-RED and use it to apply the the authentication restrictions. There should be some examples online about how to do this (e.g. Use nginx to Add Authentication to Any Application | Okta Developer would be a reasonable starting point)