Hardening NextCloud Pi for IP passthrough on home router

I have been using NextCloud Pi on a Pi3B for a couple of years, essentially to provide a DropBox/Google Drive for my household. Recently I had to move and change internet providers. The new AT&T fiber gateway has a port forwarding feature, but it doesn’t function (the ports don’t open despite configuring). AT&T replaced the gateway, but that did not resolve the issue, and they have no further support to provide. I’m wondering whether to consider using the IP Passthrough feature on the gateway to direct all incoming traffic to the Pi and access it that way? What settings do I need to change to go this direction?


Whether it is Port Forwarding or this IP Passthrough you are mentioning, none of them are in anyway connected to or need of any special configuration in NextCloud application end.

In case you are accessing nextcloud via a different IP / Domain than your LAN, all you need to do is just add another Trusted Domain with that IP or domain value.

But actual traffic routing or such are to be done at network end, nextcloud has nothing to do with that.


Thanks—I’m asking specifically about security settings and configuration. I know NextCloud Pi tries to have reasonably secure defaults, and I have turned on settings such as forcing HTTPS, but am not sure what else I might need to ensure that the Pi and my home network are secure.

I only read this about IP Passthrough feature at&t (PDF) and i think it is not a good option. I think in this settings you must configure your Pi also as router/bridge/NAT, … for your whole network. That makes no sense and i think it is only interesting for business.

Please post more details to the AT & T fiber gateway port forwarding feature. Post screenshots of your router, …

1 Like

Have you seen this article?