Having trouble accessing my Nextcloud server remotely

I just followed several tutorials online that had me setup the Nextcloud server on a local Desktop I own. I am able to access it from my local network but am having trouble accessing it from outside my home network. I followed some other tutorials and have been able to setup a DNS name for my home server. I can access my default web-server files on port 80 and a few other applications running on different ports by going to my domain followed by the port number. When I try to access Nextcloud at my domain name, passing it the port 8080 it should be using… it never connects. Do you think you could help me take a look at this? It’s odd that my DNS address works for other applications running on different ports but not for port 8080. By the way, I have port forwarding turned on within my router to forward port 8080 on this server.

If you need any more information to help with this issue please let me know. I am just getting into all of this stuff, so odds are it’ll be an easy fix.

Thanks in advance for all of the help!

Nextcloud version (eg, 20.0.5): 24.0.6
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04.1 LTS
Apache or nginx version (eg, Apache 2.4.25): 2.4.52
PHP version (eg, 7.4): 8.1

Is this the first time you’ve seen this error? (Y/N): Y

The output of your config.php file in /path/to/nextcloud:

$CONFIG = array (
  'instanceid' => 'XXXXX',
  'passwordsalt' => 'XXXXX',
  'secret' => 'XXXXX',
  'trusted_domains' => 
  array (
    0 => '',
  'datadirectory' => 'XXXXX',
  'dbtype' => 'mysql',
  'version' => '',
  'overwrite.cli.url' => '',
  'dbname' => 'XXXXX',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'XXXXX',
  'dbpassword' => 'XXXXX',
  'installed' => true,
  'default_phone_region' => 'US',
  'memcache.local' => '\\OC\\Memcache\\APCu',


First thing to do is finding out your WAN IP Address. WAN IP is given by your ISP to your router.

Now, there are two type of WAN IP.

  1. Public IP
  2. CG-NAT (Internal ISP WAN IP)

You must be having Public IP for WAN in order to access NextCloud from outside your local network, eg. via Internet.

Most likely your ISP is indeed assigning public IP since your other applications are accessible from Internet.

Is it a VM, or native installation?

Have you checked if this server firewall is set to allow incoming traffic from internet via that said port?


You may have other issues beyond this, but you’ll need to add your domain to this array. Instructions can be found in the documentation.

I suggest running tcpdump to verify if your port forward is working.

I know my WAN IP address. When I ping the DNS name that I setup it shows that it has replies from the same WAN IP address that my WiFi lists.

Yes, I am just having issues with this port and program. I can access all of my other ports and programs from my DNS name.

This is a native installation. I have Ubuntu server installed on bare-metal hardware.

When you say add my domain do you mean my external URL? Like the DNS name I configured?

Would it be helpful if I posted my Apache conf files? Not sure if that is where the problem is or if it’s in one of the Nextcloud files.

I added my DNS name followed by the port to the list of trusted domains and am still having issues. I restarted the server but that didn’t fix anything. Any other advice or things to look into?

I suggest running tcpdump to verify if your port forward is working.

Heya Robert, some thoughts as I had a little fun with this too.

Is your NC working on port 8080 internally?
Can you connect internally on 8080?
Are you using plain HTTP (for testing of course) or HTTPS?
If https, is it the same URL internal and external?
Can you drop https and prove http first to rule out TLS / certificate issues?

As @KarlF suggests you need to prove basic IP comms first. If you use port forwarding to a different port that can get messy - especially if you’re using the router to attempt rewriting too. Yuk.

It might be worth stopping nextcloud and putting up a simple “hello_world.html” page on port 8080 first to prove basic connectivity. Or use a different host for this test. Once you can see that inside and out, then look to get nextcloud working.

My lesson was to use an alias for access to nextcloud servers e.g. nc.example.com. I have a public DNS domain anyway, and internal DNS domains too (router “lan dns” feature, also use dnsmasq) that both reply to the same alias with my WAN or internal IP as appropriate so this was easy to set up and lets the host be part of my internal domain if I ever get the urge to implement SSO.

If exposing to internet then a proxy (eg haproxy) can get around some port-forward issues and you can also restrict which bits of nextcloud are accessible from outside. Well worth the hassle.

Good luck - first time setting up this sort of thing is a learning experience.

How do I do that? Do I just run the tcpdump command?

I stood up my old webserver that was running on port 80 to now run on port 8080 and I can reach it now from the internet. I think my issue is somewhere in my Apache or Nextcloud configuration. I had tried to setup an SSL configuration but that may have messed it up. I have been trying to access it using http and https and neither works.

Here are my two Apache conf files if these are any help…

This is the one that certbot made…

<IfModule mod_ssl.c>
<VirtualHost *:443>
    DocumentRoot "/var/www/nextcloud.learnlinux.cloud"
    ServerName XXXXX

    <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

    <Directory "/var/www/nextcloud.learnlinux.cloud/">
        Options MultiViews FollowSymlinks
        AllowOverride All
        Order allow,deny
        Allow from all

   TransferLog /var/log/apache2/XXXXX
   ErrorLog /var/log/apache2/XXXXX

SSLCertificateFile /etc/letsencrypt/live/XXXXX/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/XXXXX/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

and this is the main one…

<VirtualHost *:8080>
    DocumentRoot "/var/www/nextcloud.learnlinux.cloud"
    ServerName XXXXX

    <Directory "/var/www/nextcloud.learnlinux.cloud/">
        Options MultiViews FollowSymlinks
        AllowOverride All
        Order allow,deny
        Allow from all

   TransferLog /var/log/apache2/XXXXX
   ErrorLog /var/log/apache2/XXXXX

RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Does any of that look like it would be causing the issue?

BTW, all of the XXXXX have my DNS name in them. That part isn’t the issue.

Thanks again for all of your help!

This is forwarding it to HTTPS. You won’t be able to open it on port 8080 with this here.

So I just need to remove those 3 lines?

I got rid of those three lines and I still can’t access it. Do I need to remove the ssl conf file? I restarted apache2 BTW

Perhaps. You’ll need to reload the Apache service to take effect. I can just tell you that they will forward any access attempt to HTTPS on port 443. It would be advisable to learn more about Apache.

They were probably added when you ran certbot which does not work without port 80. Did you have it running certbot and then changed the port later?

No, I had it running on port 8080 to not mess with my webserver running on port 80 then I ran Certbot on Nextcloud which runs on port 8080… if that makes sense.

I just removed the ssl conf file and the certbot certificate. I just tested it again and I still can’t hit that port and DNS name from outside of my home network. As previously mentioned I swapped my homeserver to run on port 8080 and that worked just fine. I don’t think it’s the port. I think it’s still something in how I have it configured. Not sure what else that could be. We already changed that other conf file… When I add the array values to my Nextcloud conf file will it just look like this? What is the overwrite.cli.url field for? Is that something I need to change?

  'trusted_domains' =>
  array (
        0 => '',
        1 => 'nc.example.com:8080',