i can access via browser to the nextcloud server wlan and mobilfunk-connection (no responce code)
pinging the public ipdress (188.xxx.xxx.xxx) with android to the nextcloud server ist ok with wlan and mobilfunk-connection.
This is the message when i want to see a picture from my nextcloud server with wlan
So it is a public server. Do you use ipv6 at all?
I don’t use android but do you use any firewall on it? Perhaps you must allow the owncloud app to use your wifi connection? The desktop client/webdav is working via your home network?
Have you try using IP Address (server IP address) rather than hostname -like Manu440hz said?
With the public ip address (htttps://188.xxx.xxx.xxx) the server is found, but the certifate must be confirm. but than the message come: An unknown error is occured,
With the local ip adress (https://192.168.xxx.xxx) the server is found and i can login.
Can you check your ssl settings: ssllabs.com
perhaps the client refuses a connection if it isn’t considered to be secure.
Well I imagine the reason it’s not working via the app and connecting to the ip address is that the certificate is not issued to your ip, but your domain instead.
It’s good that you can reach your server via the ip though, it suggests the issue with the domain is dns related. It’s very difficult to say what the problem is without seeing your web server configuration, ssl configuration and how you’ve got dns set up.
Here is my config.php
<?php
$CONFIG = array (
'instanceid' => 'och4tc5gma78',
'passwordsalt' => 'XXXXXXXXwcccccccccccccXXXXXXXXX',
'secret' => 'xxxxx+8hX0GRLSHGrl34/xxxxxxxxxm9t7R6/xxxxxx',
'trusted_domains' =>
array (
0 => '192.168.178.25',
1 => 'xxxxxxxxxx.dynv6.net',
),
'datadirectory' => '/srv/nextcloud',
'overwrite.cli.url' => 'https://192.168.178.25/nextcloud',
'dbtype' => 'mysql',
'version' => '9.1.0.16',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'dbpassword' => '9OsH.4nP-.,',
'logtimezone' => 'UTC',
'installed' => true,
'maintenance' => false,
'theme' => '',
'loglevel' => 0,
'memcache.local' => '\\OC\\Memcache\\APCu',
);And error is the while saerch server
a) I’m not sure overwrite.cli.url is what you think it is.
b) Why are you try to access the root domain in the above screenshot? You’re serving nextcloud from subdomain.domain.net/nextcloud.
c) I’m assuming you forgot to remove your domain from the above config - needless to say I have tried accessing that address and I can access it.
If your dns entry also resolves an ipv6 address, you should tell your server to answer ipv6 requests as well. On your home network, you have dual stack meaning that ipv6 is preferred. On the mobile network you only have ipv4. 2 possible solutions:
netstat -tlpuen if apache already listens to ipv6 (https://httpd.apache.org/docs/2.4/en/bind.html) and the address from the ssllabs-test really is the ipv6-address of your server (see ifconfig).here is the result from
xxx@xxxxx:~$ sudo netstat -tlpuen
[sudo] Passwort fĂĽr xxx:
Aktive Internetverbindungen (Nur Server)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 122 20596 2558/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 25270 3545/smbd
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 0 25523 3559/x11vnc
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 0 20787 2872/dnsmasq
tcp 0 0 0.0.0.0:22012 0.0.0.0:* LISTEN 0 21747 2550/sshd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 25269 3545/smbd
tcp6 0 0 :::139 :::* LISTEN 0 25268 3545/smbd
tcp6 0 0 :::5900 :::* LISTEN 0 25524 3559/x11vnc
tcp6 0 0 :::80 :::* LISTEN 0 59232 5061/apache2
tcp6 0 0 :::443 :::* LISTEN 0 59236 5061/apache2
tcp6 0 0 :::22012 :::* LISTEN 0 21749 2550/sshd
tcp6 0 0 :::445 :::* LISTEN 0 25267 3545/smbd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 111 18463 2099/avahi-daemon:
udp 0 0 0.0.0.0:56819 0.0.0.0:* 111 18465 2099/avahi-daemon:
udp 0 0 127.0.1.1:53 0.0.0.0:* 0 20786 2872/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 20290 2863/dhclient
udp 0 0 192.168.178.255:137 0.0.0.0:* 0 25228 3527/nmbd
udp 0 0 192.168.178.25:137 0.0.0.0:* 0 25227 3527/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 0 25224 3527/nmbd
udp 0 0 192.168.178.255:138 0.0.0.0:* 0 25230 3527/nmbd
udp 0 0 192.168.178.25:138 0.0.0.0:* 0 25229 3527/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 0 25225 3527/nmbd
udp 0 0 0.0.0.0:631 0.0.0.0:* 0 18118 2411/cups-browsed
udp6 0 0 :::5353 :::* 111 18464 2099/avahi-daemon:
udp6 0 0 :::46724 :::* 111 18466 2099/avahi-daemon:
no ipv6.
ifconfig
enp1s0 Link encap:Ethernet Hardware Adresse 32:89:0e:92:r5:0e
inet Adresse:192.168.178.25 Bcast:192.168.178.255 Maske:255.255.255.0
inet6-Adresse: fe80::db8f:567:60af:e999/64 GĂĽltigkeitsbereich:Verbindung
inet6-Adresse: 2a02:810d:567:a24:91a5:8c3b:485d:0ecb/64 GĂĽltigkeitsbereich:Global
inet6-Adresse: 2a02:5678:340:a24:acf5:7r45:4d84:7edd/64 GĂĽltigkeitsbereich:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
RX-Pakete:282960 Fehler:0 Verloren:0 Überläufe:0 Fenster:0
TX-Pakete:257717 Fehler:0 Verloren:0 Überläufe:0 Träger:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX-Bytes:111350813 (111.3 MB) TX-Bytes:205139464 (205.1 MB)
lo Link encap:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
inet6-Adresse: ::1/128 GĂĽltigkeitsbereich:Maschine
UP LOOPBACK RUNNING MTU:65536 Metrik:1
RX-Pakete:240150 Fehler:0 Verloren:0 Überläufe:0 Fenster:0
TX-Pakete:240150 Fehler:0 Verloren:0 Überläufe:0 Träger:0
Kollisionen:0 Sendewarteschlangenlänge:1
RX-Bytes:141568783 (141.5 MB) TX-Bytes:141568783 (141.5 MB)
In which file must i handle the listen-entries?
/etc/apache2/ports.conf?
Can you give me an example. conf please fur listen entries. Thanks
https://httpd.apache.org/docs/2.4/en/bind.html
In which file must i do the entry
"Listen [2001:db8::a00:20ff:fea7:ccea]:80" an in my case “Listen [2001:db8::a00:20ff:fea7:ccea]:443” . In ports.conf or in my host or in apache.conf or in all?
Is this entry in port.conf ok?
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Listen [::]:80
<IfModule ssl_module>
Listen [::]:443
</IfModule>
<IfModule mod_gnutls.c>
Listen [::]:443
</IfModule>
And is this in the sites-available host ok?
<VirtualHost *:443, [::]:443>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/xxxxxx.dynv6.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/xxxxxx.dynv6.net/privkey.pem
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCompression off
Header always set Strict-Transport-Security "max-age=15768000"
SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA'
ServerName https://xxxxxx.dynv6.net/
DocumentRoot "/var/www/nextcloud"
Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</VirtualHost>Your server already listens to ipv6. Now the question, does the ipv6 address, which is resolved by your hostname *.dynv6.net (Android app can not connect with the nextcloud server in the wlan - #16 by rabadumpf), correspond to one of the addresses in the output of ifconfig?
No it does not correspondent.
The ipv6 address, which is resolved by your hostname *.dynv6.net, is ipv6 from the router (fritzbox).
The addresses in the output of ifconfig ist the ipv6 from the server.
And the server is behind the router.
That is your problem, you need to set the server’s ipv6-address to the hostname *.dynv6.net since Nextcloud is not running on your router.
Ok, i make an dynv6.net an A and AAAA entry with my ipv6 adress from nextcloud server
these are the entries, the other two are the entries from dyn-dynamic service.
And the result on ssl lab
no ip v6 connection, i dont know what ist the ip 5405:…
what is wrong?
Not sure what you are doing. 5405:: is no valid ip address, no idea where it is coming from. You should add the ip address you can see via ifconfig. You can try from an external host, if you can ping this ipv6.
It’s also a bit strange that you have two different ipv6 addresses (of two different networks). Does your ISP provide ipv6 and you set up a tunnel on top?
