Iām a new person to networking, so this could be a very simple issue. Excuse my poor knowledge.
I installed Ubuntu Server on a Server PC that I have. It is connected with an Ethernet cable to my router. My main home PC is also a part of this network, connected also to the router.
My main goal was to set up Nextcloud on this Server PC, and everything worked fine: I could access it via SSH, I could also visit the website with a subdomain that I had with DuckDNS. The only thing left for me to do was to get a Letās Encrypt certificate to be able to use https. Because I couldnāt get it to work, I tried setting up port forwarding on my routerās settings, opening the ports with ufw and trying to switch to another DNS provider. However, this is when the issues start to appear. I donāt know if it was something that I did, but now I cannot connect from any device to my Server PC with the Public IP, this means that I cannot use the subdomain nor type the Public IP on the search bar to visit my Nextcloud instance and trying to use SSH again, with the Public IP does not work. Both things previously mentioned do work if I use the Private IP instead.
So, these are the things that I have tried:
Setting up port forwarding (and also turning it off)
Restarting the router to get a new Public IP
Factory resetting the router
Disabling the firewall temporarily
Using the command ufw allow 80,443,22/tcp
Reinstalled Ubuntu Server on the Server PC
The error when trying to SSH into the server is the following:
ssh: connect to host (Public IP) port 22: Connection timed out
And the error that I get when I try to access the Nextcloud instance with Public IP or subdomain is very similar:
The connection has timed out
The server at (Public IP) is taking too long to respond.
If you need more details, please, leave a comment.
Maybe a problem with ufw. Why donāt you install and configure Nextcloud incl. ssl correctly first and activate the firewall when everything is running or better leave it out completely. But i think your ports ok. Lets Encrypt needs 80 and 443.
I donāt think it is ufw, as I already updated it several times, and still does not work. I reinstalled Ubuntu Server, and if ufw was the issue, that shouldāve fixed it.
Previously, I was able to access it with the Public IP even without setting up ufw nor port forwarding.
Itās really a weird issue.
From the NextCloud server (you can configure ufw, so Iād assume you have shell access), do a netstat command and make sure the web service is listening on port 443.
If passed, then Iād then try to connect to the server internallyā¦make sure to add your internal IP address to config.php then restart your web service.
if passed, then Iād check your firewallā¦if you are have dynamic IP, then Iād check and make sure that service is running and you are connecting to the correct IP from outside.
Maybe you donāt have a public IPv4 (perhaps your ISP is using CGNAT, an IPv4 for many customers). Just to find things out, why not try to use IPv6? you can start by seeing if you have one through here, and then configure a script to refresh duckdns. You can also try to access your server through IPv6. Put it on brackets like this on the address bar for example [youripv6address]:443. Just do not forget to configure your server and your router/modem to get a valid ip6. The downside: sometimes you wonāt have IPv6 (say, in a hotel), so the access wonāt work.
my apologies, didnāt post the additional parameters you need for ānetstatāā¦can you please post the output for: netstat -peanut | grep -i ā:443ā
$ netstat -peanut | grep -i ā:443ā
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
too bad. However, sometimes itās just a matter of enabling it in the modem and then in the router. Just be careful to make a config backup, take the ISP number and check if anyone is using the internet for something vital before messing with the modem/router. Also, itās no fun to be without internet on a Friday because of IPv6, trust me =)
Hmmm, please check for typoā¦from above, you had typed in ānetstatā and it gave you some output, surely ānetstat -peanutā will give you finer outputā¦
Can you also confirm that you are running Ubuntu by typing in ālsb_release -aā ??
how did you set this server up? did you follow some sort of tutorial? go back there and re-read the stepsā¦i am sure the author had covered the security subject (enabling 443, tie it to a certificate, and if through Letsencrypt, would show you how to download acme.sh properly, etc.)