Cannot access Nextcloud from local network but works from other networks

Nextcloud version: 18.0.6
Operating system and version: Ubuntu Mate
Apache or nginx version: 2.4.43
PHP version:

Hi guys. I recently changed my router at home and redid all NAT configuration in there but as the title says, I cannot access my Nextcloud from local network for an unknown reason. I basically put the same settings that I was having in my previous router but there most be something I don’t get cause I can access it with LTE or from a VPN or other networks.

Using Chrome I’ll get ERR_TIMED_OUT or ERR_CONNECTION_RESET when trying to access it from local network. It’s the first time I’m facing this issue.

NAT settings in my router are the following:

  1. 80 to local ip of my raspberry pi hosting the nextcloud. (duckdns ip update)
  2. 443 to same ip for SSL
  3. 2223 to same ip for SSH.

From local network I can access the instance by SSH using local ip. But I cant using it’s DNS. On duckdns the ip address is good. I tried disabling firewall on my router and it didn’t help. I’m kind of clueless right now. Must be something simple I’m not thinking of right now. Would appreciate any kind of help.

PS: Same results on my phone and different PC’s

Thanks a lot! Have a nice day.

I’m having a hard time following your post. IIUC, there are actually two, possibly three problems here:

  1. Your Raspberry Pi is unreachable from other networks on the internet, like your cell provider’s network or a coffee shop WiFi.
  2. Chrome can’t access port 80 or port 443 on the local network. (Did you use the DNS name or the LAN IP address?)
  3. ssh <lan-ip> works fine on the local network, but ssh <dns-name> does not.

Is that correct? Either way, please post the output of:

  1. host <dns-name> on the local network
  2. traceroute <ip-address> on the local network
  3. traceroute <dns-name> on the local network
  4. traceroute <dns-name> from a network on the public internet.

Hi @strugee.

First of all, I apologize for the lack of clarity in my previous post and I wanna thank you for trying to help me out. I’ll try to clarify:

  1. The pi can be reached via SSH using the local network and its private IP. I cant by using its dns-name.

  2. When trying to access Nextcloud using my local network, I use the dns-name using Chrome (say: and I can’t reach it. Most of the time I’ll get ERR_TIMED_OUT. However, I won’t have trouble doing so using my cell provider network’s or via a VPN.

  3. Is correct. Using my local network, I can ssh lan-ip but cannot use ssh dns-name (connection refused via local network, would work using a VPN).

  1. host dns-name will return: has address 198.XX.XXX.XX (which correspond to the my proper public ip) mail is handled by 50

  2. traceroute <ip-address> using my local network will return:

jpbegin@CyberPowerPC:~$ traceroute
traceroute to (, 64 hops max
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *

  1. traceroute <dns-name> using my local network will return:

jpbegin@CyberPowerPC:~$ traceroute
traceroute to (198.XX.XXX.XX), 64 hops max
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *

Again, I’ve hidden the IP address but it does correspond to my proper public IP address.

  1. If I understand correctly, you want me to traceroute from a different network than my local network. If so, here are the results:

jpbegin@CyberPowerPC:~$ traceroute
traceroute to (198.XX.XXX.XX), 64 hops max
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *

One thing that might help to debug this is, I’m also running a Plex service on the same Raspberry Pi. That service can be accessed without any problem using my local network or any other network. The only thing that changed before it was working and now is the router. I switched to the different one but basically copied all the NAT rules I had.

I hope it’s clearer, don’t hesitate to say it isn’t. I’ll do my best to clarify myself again. Sorry about that. English isn’t my foreign language.

Your problem is most likely that your new router doesn’t allow hairpin routing (where you access a local server by the public IP). This is not something you want to do anyway.

The proper solution is to run a local DNS server that will provide the correct IP while on your LAN.

Hi @KarlF12 thanks for your answer. I have another Pi on which I set up Pi-Hole but had trouble with my network recently so I decommissioned it (not wipe it though) to see if it was the cause of my issues (I was configuring each devices manually, no router settings for it). Is this something I could achieve with Pi-Hole in your opinion ?

Im still new to networking.

I’m not familiar with Pi-Hole. If you have no DNS server available, you could run bind on your Nextcloud server. You will need some understanding of DNS to set it up.

If your router has a built-in DNS server, that would be the easiest thing to do.

I just learn more about hairpin routing by watching - very well explained and the guy even shares his solution.

That’s frustrating hehe. I really enjoyed my setup of; Pi updating it’s public IP to duckdns and then port forwarding doing all the magic haha.

So if I understand correctly, I could also modify my host file on each machine I want to access it locally, add my Pi local ip address in there followed by it’s dns-name ?

You can have it work like that, but it has to be set up right. When you use split-horizon DNS, your local DNS server will resolve the name to the correct local IP, and when you are off-network, your public DDNS will resolve it to the correct public IP. This is how you make it “just work.”

Yes you can, and I don’t normally suggest this workaround because you have to add it on each device to work on your LAN, and then that will break them when they leave your LAN (hosts file will prevent them from resolving the public IP). So it’s a lot of unnecessary messing with DNS overrides when you could just set up DNS and have everything work.

And as you add other self-hosted services in the future, you’ll run into the need for a DNS server every time. It’s a good opportunity to learn DNS.

1 Like

By any chance, do you know a reference that explains how to set it up right?

I think I got most of what you told me. Thanks a lot for the time and efforts you took to explain this to me by the way. I will certainly do my homework and learn more about split-horizon DNS, hair pinning, DDNS… I want to make sure it’s something I get for the future.

My Setup:
Openwrt router + PiHole
Cant access my
Edit /etc/hosts
nextcloud local ipaddress (es.: 192.168.x.x) -tab- (192.168.x.x
flush dns or restart PiHole
and magically it works again. You can access your external domain and dont have to keep switching the sync ip and domain name depeding if you are in or outside you home.

Pi-hole has recently added a GUI option for this…