Change server from external access to local network only

DISCLAIMER: I don’t work in IT, I don’t know networking, and setup my server thanks to many guides and forums online.

I had a nextcloud server running on docker on a NAS at my home, running for me and some family members. I had to move, and will be without broadband internet for some time, maybe a month or so (I’m now posting via my cellphone carrier plan). My server is still running, and my router still runs ok (albeit without internet) so I can access my NAS completely fine when I’m logged on my local home network. The problem is that I cannot use nextcloud at all, including the important calendar feature, and not only me, but my family members too.

By the way, if I try to browse (from home network) the address serverip:port corresponding to both http or https ports of nextcloud, I get a Secure Connection Failed error, with Error code: SSL_ERROR_RX_RECORD_TOO_LONG.

I was hoping to find a way so that all desktop and android clients (including DAVx5 for caldav) can synchronize with the server when connected to my local home network! I dont know if this can be achieved e.g. with a pihole DNS server pointing my domain to the local ip and port of the nextcloud server, but not sure what to do about the SSL certificates…


  1. A nextcloud server was setup with external access in my home.
  2. External access setup with help of no-ip, with domain of the sort of [].
  3. All clients are setup to sync with the server via the no-ip domain.
  4. My home will be without internet access for some time.
  5. I want to enable the server for local network only.
  6. The desktop and android clients should sync when connected to the wifi or lan at my home, ideally without needing to change any configuration.

Server setup for external access:

  • Router setup with port forward.
  • No-ip for ddns.
  • Let’s Encrypt for SSL.
  • NPM (nginx proxy manager) for reverse proxy.
  • Nextcloud (docker stable-apache image)


  • Nextcloud Desktop Client (files)
  • Nextcloud Android Client (files)
  • DAVx5 for Android (calendar & contacts)

Server setup for local access only:

  • Router (no internet, local network only)
  • nextcloud (docker)
  • ???

Thank you in advance!

you need to make the DNS record <mycloud.tld> on your internal network pointing to local IP. Different router have build-in capabilities, other need external service like pihole or adguard. Then you should be able to login internally until the letencrypt certificate expires which happens pretty often - as all the certs are valid for 90d only. This is the smoothest hack to make it work for short time. long term solution would include removing https config and allowing plain connection (or rolling out self-signed certificates which more complex in my eyes)…