ERR_CONNECTION_RESET when accessing Nextcloud from the Internet

florian.b · December 31, 2025, 12:11am

Hello

I am having trouble accessing my Nextcloud installation from the internet. I installed Nextcloud on Windows 11 / Docker Desktop according to these instructions: GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

The setup went smoothly and I can also access Nextcloud on the LAN (browser / Windows client / Android app).

Unfortunately, it doesn’t work from outside. The browser displays the error message ERR_CONNECTION_RESET.

In the router port 443 is forwarded to the Windows computer running Docker/Nextcloud. I use a DynDNS service from softether.net.

Edit: According to https://www.yougetsignal.com/tools/open-ports/ Port 443 is open. My public IP starts with 185. Therefore I assume that my ISP is not blocking 443 or using CGNAT.

Nextcloud is version “Nextcloud AIO v12.3.0” and has the following errors in the logs:

Fehlersuche	admin_audit	RuntimeExceptionThe loading of lazy AppConfig values have been triggered by app “admin_audit”	31.12.2025, 00:23:35
Fehler	core	ExceptionHMAC does not match.	30.12.2025, 23:54:53
Fehler	core	ExceptionHMAC does not match.	30.12.2025, 23:54:53
Fehler	core	NotFoundException/appdata_ockknz5bfnsv/theming/global	30.12.2025, 23:40:14
Fehler	core	NotFoundException/appdata_ockknz5bfnsv/theming/global	30.12.2025, 23:40:14
Warnung	no app in context	Skipping updater backup clean-up - could not find updater backup folder /nc-updater/updater-ockknz5bfnsv/backups	30.12.2025, 23:40:13
Warnung	no app in context	Skipping updater backup clean-up - could not find updater backup folder /nc-updater/updater-ockknz5bfnsv/backups	30.12.2025, 23:40:13
Warnung	cron	QueryNotFoundExceptionCould not resolve OCA\AppAPI\BackgroundJob\ExAppInitStatusCheckJob! Class “OCA\AppAPI\BackgroundJob\ExAppInitStatusCheckJob” does not exist	30.12.2025, 23:40:08
Warnung	cron	QueryNotFoundExceptionCould not resolve OCA\AppAPI\BackgroundJob\ExAppInitStatusCheckJob! Class “OCA\AppAPI\BackgroundJob\ExAppInitStatusCheckJob” does not exist	30.12.2025, 23:40:08
Fehlersuche	admin_audit	RuntimeExceptionThe loading of lazy AppConfig values have been triggered by app “admin_audit”	30.12.2025, 23:38:18
Fehlersuche	admin_audit	RuntimeExceptionThe loading of lazy AppConfig values have been triggered by app “admin_audit”	30.12.2025, 23:38:18

Thanks in advance.

szaimen · December 31, 2025, 1:50pm

Hi, this might be a ipv6 problem. Did you set an AAAA record for your domain?

florian.b · December 31, 2025, 2:59pm

No, I don’t hve an AAAA record, but I don’t have a public ipv6.

mritzmann · December 31, 2025, 4:48pm

I don’t use Windows. But can you access port 443 of your Windows computer from another computer on the same network? If not, it sounds to me like a Windows firewall problem.

florian.b · January 1, 2026, 7:46pm

Yes, I can access port 443 from another computer in the same network. In my LAN everything works well, the problem occurs when I try to access from the internet.

ernolf · January 2, 2026, 1:57am

Hi @florian.b,

I suspect the problem lies right here:

Could you please tell us which router you’re using and how you configured port forwarding?

It might also be helpful to know the topology of your local network.

ernolf

florian.b · January 2, 2026, 12:49pm

Hi @ernolf

I assume you are right. In the meantime I set up a Nextcloud AIO on a virtual debian machine, and I’m getting the same results. Rechable (over the DNS-Name from softether) from the LAN but not from the internet.

The router is a EG8147X6.

These are the port forwarding settings:

The Windows machine with Docker Desktop is connect via TP-Link BE65 in access point mode.
The Debian VM runs on a host directly connected to router. The network mode (Oracle Virtual Box) is Bridged Adapter.

ernolf · January 2, 2026, 2:06pm

I know you didn’t ask for my opinion, but the Huawei EG8147X6 is crap. Huawei makes routers that restrict port forwarding to just a few ports: 7777, 8888, 8080, and 8000. I don’t know if that’s the case with your router, of course, but you could try forwarding port 8888 externally to port 443 internally and see if you can connect via

https://yourdyndnsname:8888

Is your dyndnsname in the list of trusted hosts?

If that does not work either, try it with a proper router, at least a Fritz!Box or something similar, instead of a $20 toy from Alibaba

Good luck!

h.t.h.

ernolf

florian.b · January 2, 2026, 2:14pm

That’s the router my ISP provided …

I got an VPN running in the same network and I’m forwarding other ports to it, and that works. Still tried with 8888 but with the same result.

Yes, my dyndns is in the trusted hosts.