Well, thank you, at least figured out why I wasn’t working. Thank you again. I’ll try contacting my ISP.
I’m also behind a CGNAT and I run my Nextcloud server on an onion-address, i.e. I use Tor to access it from outside my LAN. The setup is fairly simple, a downside is that the Nextcloud android client doesn’t support onion-addresses.
@bb77
Is there a way, excluding the above one, to access my nextcloud server anywhere even if I’m behind a CGNAT?
You might be able to use zerotier to access your server from any device (but requires to use the same zerotier network on any device)
https://www.zerotier.com/
No that’s not possible. CGNAT is like a second NAT in front of the NAT in your router, over wich you have no control. If someone could do something about it, it would be your ISP by providing you with a public IP address. There are other ways you could make things accesable from the internet like the solution with the .onion address mentioned by @RobinL . But they all have some downsides, and are involving either some kind of 3rd party service or at least some external server like a VPS.
I would look that you can change your current plan with your ISP to something, that gives you at least a dynamic publc IP address. If that’s not possible with your ISP, I would switch to another ISP as soon as possible.
Ok, thanks, I’ll look into it
Here are some steps how to install and configure zerotier: Setup Guide · moonlight-stream/moonlight-docs Wiki · GitHub
(Though you need to download the tool onto your Linux server and not Windows of course)
1 Like
ZeroTier is probably the next best option if he can’t get somehow a public IP and he doesn’t want to host something similar on an external server by himself.
1 Like
@bb77
I was looking on the internet, cause my ISP’s cutomer service is not good, and it says to use ngrok. Is it true?
I’m not an expert on solutions like ZeroTier or ngrok. In both cases, some manual work is required, at least on the Nextcloud server. And with Zerotier you will also have to install something on the client side. In terms of handling, ZeroTier is more like a tarditional site-to-site VPN, with the difference that you do not have to open any ports.
I have no experience with ngrok at all, but it seems to offer the possibility to use HTTPS and your own domain names, wich is good I guess. But if I get it right, you need at least the $8.25 plan for that functionality. It also seems to be the case, that all traffic has to run through their servers, if you use it like this. And there are some limitiations in terms of connections per minute. With that in mind, you’re maybe better off with a $5 VPS, so that you can build something yourself with maybe wireguard and a reverse proxy that doesn’t have any restrictions. Of course, building something yourself, requires more effort.
But as I I said, I am not an expert in this area and have never set up or operated an infrastructure like this myself. I think you have to read up a little about those solutions. Or open a new thread specific to that topic…
In the end, everything depends on your specific requirements for such a solution and how much effort you are willing to put into it.
2 Likes
Thanks again for helping!
I did it with ZeroTier. Thank you all for your effort.
Edit: If you want to point a domain to the new ZeroTier IP address of the nextcloud server, you can do it. And if you want to secure it, see this.
You’re welcome. Glad that it did finally work out. 
Thanks for the info. Didn’t know that.
@bb77 @devnull
Nextcloud was working fine with zerotier, it is a great option. But, I was getting annoyed because I needed to turn on zerotier everytime I wanted to access nextcloud. After some time with zerotier, I decided to give my ISP a try, and they gave me a public IP address!!
I checked in my wan status page on my router and it was the correct IP. Now I can access it from anywhere. I was behind a CGNAT, but thankfully, the gave me a public IP. Thanks for all your efforts!
2 Likes
Nice. That makes things a lot easier 
Hi! Running through the same problem, ports not open. The ISP guarantees the IP is public, and in fact it matches the listed in router’s WAN. Ubuntu 24 is set up to let the server go out without interruptions but still can only access it locally.
Ports are closed. Followed some instructions in this thread. What else could i be possibly missing?!
What instructions did you follow? Did you forward ports 80 and 443 to the local IP address of your Nextcloud server in your router configuration?
yes, i did that, all forwarding correctly in the router, like shown in this thread, but they show up as closed looking at yougetsignal.
I’m trying to see how could it be my fault somehow, because the ISP has no idea and they say they’re not blocking them.
Ubuntu 24 lts is also not blocking, because i tried with the firewall down. No clues here