Access nextcloud from the outside

nicovon · March 13, 2020, 12:11pm

I’d like a clarification. without port forwarding of ports 80 and 443, will it not be possible in any way to access nextcloud from the outside?

CyberneticCody · March 13, 2020, 2:22pm

Without 443 or 80 port forwarded you will not be able to access your Nextcloud instance.

You could create an internal VPN that you can connect to to access your Nextcloud, but as far as I am aware that would be your only option if you don’t want to open 80 or 443.

You could try using a different port too.

nicovon · March 13, 2020, 4:28pm

The matter is simple. I don’t have access to the firewall and I have no idea where it is. The solution of creating an internal VPN is fine for me, if the result is the same. I ask you if you can give me further advice on how to create and configure the VPN so that I can use nexcloudpi. Thanks again!

CyberneticCody · March 13, 2020, 5:01pm

I think I misunderstood your question, creating an internal VPN would also require port forwarding… If you are unable to port forward and do not have access to your router/firewall, you won’t be able to access your next cloud instance outside of your network.

Giuseppe · March 15, 2020, 7:44pm

not true. you need one node with a public ip address to route everything through. nextcloud can be behind nat while vpn is not.

nicovon · March 15, 2020, 10:56pm

ultimately, can a VPN help me?

Giuseppe · March 15, 2020, 11:40pm

yes, but you need to set it up yourself and set up routing and all.

the simplest way is to use tinc: tinc-vpn.org

nicovon · March 16, 2020, 3:34pm

do I have to install it in the nextcloudpi container?

Giuseppe · March 16, 2020, 6:47pm

if you want to install it in the container or on the host is up to you, but you also have to install it on a server somewhere and on each client, and create the network

nicovon · March 17, 2020, 6:14pm

if you have enough patience, could you help me out?

Giuseppe · March 17, 2020, 8:59pm

you should read the documentation.+

I can help you, but I can’t install it for you.

the most important thing is that you need to have a machine with a public ip, reachable from every node.

nicovon · March 17, 2020, 9:28pm

Thanks Giuseppe, how do I get a public IP? should I buy a vps?

tflidd · March 17, 2020, 9:37pm

Well, in some companies you are not allowed to bypass everything by VPN is not really a good idea. Only thing where you probably need a VPN or something if you have a provider and you get a shared ipv4 address (dual stack light). however, if all your clients have ipv6, you could go full ipv6.

nicovon · March 17, 2020, 10:05pm

ok you’re right, using the VPN is not a good idea. So what would you use?

cloudbiz · March 17, 2020, 11:59pm

If you are doing this inside a network that you do not control (such a company, school, university) then you may wish to ask the IT department about how you could make your host accessible (they may have a specific hosting platform you can use).
Otherwise, if you purchase your own VPS, then you’ll be able to make the necessary configuration changes to make this accessible.

devnull · March 18, 2020, 7:13am

It is possible to use on an VPS in the internet a VPN from inside your network to the VPS (openVPN, SSH tunnel) and then contact at VPS in the internet and use the tunnel backwards. I think this is not a good idea an not an easy setup.

Alternative 1 :
Ask your network provider to use port forwarding to your home. Perhaps it is possible with IPv6 and an DynDNS-Name and Lets Encrypt Certificate.

Alternative 2:
Use a VPS in the internet and install Apache2, MariaDB, Nextcloud, Lets Encrypt on your own

Alternative 3:
Use a Nextcloud Hoster. https://nextcloud.com/providers/

nicovon · March 18, 2020, 8:06am

thank you so much for the solutions listed.
alternative 1 does not seem to be good for me, since it is not just me who has to use nextcloud, but 250 students.
alternative 2 and 3 also, because the shared folders are located on the local nas and I would like them to be synchronized with nextcloud.

devnull · March 18, 2020, 8:15am

In this case you should change your internet provider or ask him how to use port-forwarding.

In Germany it is normal to use DynDNS and port forwarding with Fritz Box.
What is your provider? What is your router? Do you use a static or dynamic ip-adress?

Here an english video to configure port forwarding on Fritz Box

Also you need and DynDNS-provider to match DNS-name on dynamic IP adress.

nicovon · March 18, 2020, 8:19am

it is a provider for public administrations.
since I created a nextcloud account on Webo.hosting, it would be interesting to synchronize it with my local nextcloud. it can be done?

tflidd · March 18, 2020, 9:42am

Please be open upfront. For this reason you get so many different answers because we don’t know your use case.

The problem in these environments is that they have policies that you must not do such things because it can compromise their network security.

You have so basic questions and then you directly want to set up such a large setup? Start rather small and gain some experience first.