Access from outside LAN

Hi, I have Nextcloud (via Docker on FreeNAS 10) up and running and can sync it locally with a Mac on the same network.
I can also access the “web” version either via its IP Address 192.168.0.* or from within the LAN by going “out” and back in via my dyndns.org domain on a specific port e.g. home.dyndns.org:1234

However I can’t access it from a work PC via home.dyndns.org:1234

I suspect the answer lies in the config.php but can’t fathom out quite how/what to add there that allows one access but not the other. (The firewall has correct ports open)

Hi currently at work but all I get (remotely) is connection refused at…

Curiously my iPhone (Nextcloud app) works fine on exactly the same address, and works on direct access to the website on that address. It therefore seems to be an issue via the work PC, though Owncloud worked fine before…

Because I can’t connect, are there going to be any logs on the remote (work) PC?

Thanks for quick response

PS I can ping the dyndns.org address from work without issues…

I also think so; often workplaces and official web access block anything other than standard HTTP/HTTPS and email ports. So normally I would recommend always using those ports too, but maybe you have good reasons for the different one.

Normally ISPs block ports 80 and 443; you can try a higher port just to check whether you are able to connect using an alternate port. You can try port 4443, and remember to open the port in your firewall / router port forwarding.

Hi thanks for responses,

I opened ports 80 and 443 on my firewall at home, and then forwarded to Nextcloud, and it now works. I’ve restricted the access to only my work IP Range for better security so waiting til Monday to see if I can still access remotely…

Hi Tim,

Let me know if this issue is still unresolved. I’m an engineer at ZeroTier and we have a minimal open source service which will allow you to assign a static IP to your server (even if your ISP only provides you a dynamic IP) and connect remotely.

  • Joe

Thanks Joe, much of it was/is playing. I now have it restricted to my work IP address access only, and 2 factor authentication, so belt and braces, but fun just to struggle to overcome the hurdles.

Excellent, glad you got it working!

Hello, Joseph!
I found this solution interesting; can you provide more information? My ISP locks the service ports, so I cannot unlock the ports for external access in Nextcloud. With this solution you suggested, could I solve this condition?

@Almir_Ribeiro, I’ve been using Zerotier myself and it works really well. I recommend it. Firewall punching goodness.

    sudo snap install zerotier-one

Edit: Then you have to “join” the Nextcloud server to a zerotier network, and approve the joining at the Zerotier Central web interface.

Note: I had to add the zerotier-assigned IP address (let’s pretend it’s 10.11.12.13) to Nextcloud using Nextcloud’s “occ” utility, so it could recognize and accept it as a valid address to use with Nextcloud:

  1. Find the next available “trusted domain” number (which isn’t being used):

    nextcloud.occ config:system:get trusted_domains 1
    nextcloud.occ config:system:get trusted_domains 2
    nextcloud.occ config:system:get trusted_domains 3

…ahhh 3 isn’t “set” (used) yet!

  2. Set the zerotier address as a valid “trusted domain”:

    nextcloud.occ config:system:set trusted_domains 3 --value=10.11.12.13

(Note: my Nextcloud runs in a snap).

Edit:
Once Nextcloud is thusly ready to trust the Zerotier address of 10.11.12.13 as being a valid “approach vector” from clients (over Zerotier), and the Zerotier address of 10.11.12.13 is actually visible on the Nextcloud server with the command “/sbin/ifconfig | grep 10.11.12.13”, then clients which have zerotier configured (“joined” and approved) for that Zerotier network can visit Nextcloud using the Zerotier URL of:

https://10.11.12.13
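
The two trusted_domains steps from the post above, as an added shell example that is not part of the original thread. It probes each index, skips the write if the address is already trusted, and writes only to an unused index so an existing entry is never overwritten. The names `OCC`, `MAX_INDEX`, `td_get` and `add_trusted_domain` are hypothetical, and the script assumes an unset index makes `config:system:get` exit non-zero or print nothing.

```sh
#!/bin/sh
# Added example (not from the thread): append an address to trusted_domains
# without overwriting an index that is already in use.
OCC="${OCC:-nextcloud.occ}"   # snap wrapper named in the post; override for other installs
MAX_INDEX="${MAX_INDEX:-31}"  # assumption: probe indexes 0..31

# Print the value stored at index $1; fail if the index is unset.
# Assumption: an unset index gives a non-zero exit status or empty output.
td_get() {
    local v
    v="$($OCC config:system:get trusted_domains "$1" 2>/dev/null)" || return 1
    [ -n "$v" ] && printf '%s\n' "$v"
}

# add_trusted_domain ADDRESS -> prints "exists:N" or "added:N"
add_trusted_domain() {
    local addr="$1" i=0 free="" cur
    # Accept only host[:port] characters; this also rejects "*" wildcards,
    # so the script can only add one specific address.
    case "$addr" in
        ''|*[!A-Za-z0-9.:-]*) echo "refusing value: $addr" >&2; return 2 ;;
    esac
    while [ "$i" -le "$MAX_INDEX" ]; do
        if cur="$(td_get "$i")"; then
            if [ "$cur" = "$addr" ]; then echo "exists:$i"; return 0; fi
        elif [ -z "$free" ]; then
            free="$i"    # remember the first gap, keep scanning for duplicates
        fi
        i=$((i + 1))
    done
    [ -n "$free" ] || { echo "no free index up to $MAX_INDEX" >&2; return 1; }
    $OCC config:system:set trusted_domains "$free" --value="$addr" >/dev/null || return 1
    echo "added:$free"
}
```

On the Nextcloud server, `add_trusted_domain 10.11.12.13` reproduces the manual steps with the pretend address from the post.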

hey man i’m a new user of both nextcloud and zerotier, could you explain in a bit more detail this process?

If you are new to both, then I would say take some time to play with both Nextcloud and zerotier separately for a good while until you feel proficient in administering them, and have a good knowledge of networking involved (IP addresses, hostnames, DNS records, SSL, Let’s Encrypt, etc). Don’t rush that process.

Maybe set up prototyping servers of each (Nextcloud and Zerotier), that’s what I did, in order to test everything and learn. Maybe use Raspberry Pi 4’s or an existing NAS appliance like a Qnap or a Synology (where you can create Linux VMs for testing purposes), or maybe an older used Thinkpad (famous for being Linux compatible, run VMs or Docker containers there). My post above is more so for advanced users, to “glue” Nextcloud and zerotier together.

There’s no shortcut, really, to developing a deeper knowledge of how all these parts work together, if you want to be able to troubleshoot these smoothly in the future. You pretty much need somewhat of a mad-Scientist lab (a few machines to play with, or a few VPS’), which are thankfully pretty darn cheap these days.

Thanks for the advice, I have been trying to get my head around these concepts for a while and I was able to run zerotier docker and home assistant VM on an unraid server and access it externally without issues pretty much (which is kinda scary). I still haven’t managed to do that on Nextcloud, due to the lack of guidance on the setup of VPNs and NC, lots of material on nginx/apache though…

There are important, deeper Linux networking concepts like network “interfaces”. Commands like /sbin/ifconfig, nethogs and tcpdump are helpful.

Please re-read my first post above, I added more.

If you decide to install zerotier in a Docker container on the same server as Nextcloud, something I’ve never tried, you had better make sure there is no container isolation which prevents incoming Zerotier connections from being able to talk to Nextcloud.

I think Zerotier (and similar technologies) will end up being something people take a larger interest in, with the advent of the “EARN IT” bill, being proposed in the USA.