Hello,
I have a Nextcloud server installed at home that works well on my LAN network, but when I try to make the server accessible via a DynDNS service, I cannot connect to it. The request doesn’t even reach my server. My question is whether the router immediately blocks the request, because when I set the router to be accessible (it has separately that option), I can connect without any issues over dyndns url. Could my ISP (O2) be blocking it? I can confirm that it’s not a firewall issue, and it’s also not because I’m connected to the same WiFi as the server. It’s not a port forwarding issue either, as I’ve gone through all possible options. My router is a Fritzbox 6660, and there are no logs indicating that a request has even come through.
My second question is whether this is even allowed in Germany? Also, I’ve noticed that my ISP rarely changes my IP address; in fact, I haven’t seen it change at all in the past few months, which is strange because in my home country, it changed every 24 hours.
Edit: First, thank you all for your help. I will try your suggestions over the course of this week or month (due to time-related issues :) and will report back with the results. Since I am clearly a noob when it comes to self-hosting and I plan to have only a Nextcloud server for personal use, what is the best way to secure the system in these situations and allow only certain devices to access it over the external network? (if I ever manage to access it at all)
Having been in this same position I think I can help, you are almost definitely being cgnat which means that you do not have your own ipv4. The two workarounds I used for this are to use only ipv6 which is public but means you can’t always access it from older networks. And the second solution is to wireguard tunnel to a free oracle VM and use it as a proxy.
If you google it, you’ll find lots of similar questions for O2. I think you have to contact their customer support and get that activated once.
And have a look at your IPv4 and IPv6 addresses. Sometimes you can do it via IPv6 already, just not over IPv4 because there is some translation in the way. (In case they want too much money to give you a real IPv4 address.)
Maybe you can try if you can open your FritzBox UI from the outside with your my.fritz address. I think that has IPv6 and a port forward in place (if activated).
And btw: It’s perfectly fine to do it. People need storage and online collaboration. Access to their data while away.
The myfritz can communicate with the fritzbox but trying to connect directly (as it’s not proxied) from IPv4 only will fail as well.
Isn’t myfritz plain old IPv6 directly to the router without any proxying or tunneling? If yes, communication would mean IPv6 packets make their way through the ISP to the router.
Depends.
If you connect to the MyFritz proxy service (https://sso.myfritz.net/) from AVM, then no
If you access your own myfritz adress, then yes. (https://example123987wpvor.myfritz.net:12345)
But the only thing the myfritz page from AVM does is enable you to access some functions from the fritzbox like smart home stuff, your internet connection (type of connection, public IP, etc.)
Some German cable providers do internal NATting please check that yours does not.
even allowed in Germany?
Yes.
works well on my LAN network, but when I try to make the server accessible via a DynDNS service
I guess your Fritzbox does NAT for your LAN. Then the dyndns address works only when the client is outside.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters | More Letters |
---|---|
CGNAT | Carrier-Grade NAT |
DNS | Domain Name Service/System |
IP | Internet Protocol |
NAS | Network-Attached Storage |
NAT | Network Address Translation |
5 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.
[Thread #950 for this sub, first seen 4th Sep 2024, 05:35] [FAQ] [Full list] [Contact] [Source code]