Cannot reach my Nextcloud externally

michmoor

@operations on the nextcloud server i would do a tcpdump for good measure to make sure you are seeing the packets from your mobile.

$ sudo tcpdump host 84.1.1.100

If yo are seeing it making it to your server then the fault is within your nextcloud configuration. pfSense is passing the traffic.

viragomann

@operations
So you can see requests and responses as well on the WAN. I would expect that the client who initiated this connection show anything, but doesn't run into a timeout.

Is there also another website hosted on the NC server, which you can try?

Operations

@viragomann said in Cannot reach my Nextcloud externally:

@operations
So you can see requests and responses as well on the WAN. I would expect that the client who initiated this connection show anything, but doesn't run into a timeout.

Is there also another website hosted on the NC server, which you can try?

Yes i forgot that add that, if you what long enough it will run it a ERR_TIME_OUT (when trying to open cloud.domain.nl). No Nextcloud server only runs nextcloud.

Operations

@michmoor said in Cannot reach my Nextcloud externally:

@operations on the nextcloud server i would do a tcpdump for good measure to make sure you are seeing the packets from your mobile.

$ sudo tcpdump host 84.1.1.100

If yo are seeing it making it to your server then the fault is within your nextcloud configuration. pfSense is passing the traffic.

Did this. See a lot of lines:
Cloud.domain.nl > 84.1.1.100

But why is my PfSense fw not showing the traffic i am seeing when using tcpdump? Is that because the connection fails? But still it goes through so it should show on the fw .. right?

So the problem is my Nextcloud right? Any ideas on that part?

michmoor

@operations What does your WAN rules show?

Operations

@michmoor said in Cannot reach my Nextcloud externally:

@operations What does your WAN rules show?

1683230682420-2023-05-04-22_01_09-pfsense.ad.supsolit.nl-firewall_-rules_-extraip.png

This way i showed before. Or you want to see something else?

michmoor

@operations The bottom rule has 2 states which means the firewall permitted the traffic to 172.16.20.250.
As i suggested before you should run a packet capture on your nextcloud server and see if you see traffic from your mobile device.

Operations

@michmoor said in Cannot reach my Nextcloud externally:

@operations on the nextcloud server i would do a tcpdump for good measure to make sure you are seeing the packets from your mobile.

$ sudo tcpdump host 84.1.1.100

If yo are seeing it making it to your server then the fault is within your nextcloud configuration. pfSense is passing the traffic.

@michmoor the traffic reaches my nextcloud server. I dont know where the button states 2/ is coming from. The numbers are zero now whatever i do

michmoor

@operations said in Cannot reach my Nextcloud externally:

the traffic reaches my nextcloud server.

How do you know?

@operations said in Cannot reach my Nextcloud externally:

I dont know where the button states 2/ is coming from.

It comes from the fact there were 2 states , connections allowed, based on the rule. If the number is 0 that means the previous states are now gone and no new connections have been seen.

Operations

@michmoor

When i run tcpdump on my nextcloud server i see the specific traffic from the external IP i am trying to connect from.