I don't have Port Forwarding

Alright, so a bit info first:
I have a working nextcloud instance set up and ready to go on my Raspberry Pi. It works flawlessly and I can access in my house when connected to Wifi.

Now I wanted to access my server from anywhere so… port forwarding.
Unfortunately my router (Syrotech G/EPON-ONT) simply does not have an option of port forwarding or port triggering. I read somewhere about NAT, I have that but am only able to select between NAT 1-4. Nothing else.

My question, is there any way to access my server externally, I tried no-ip but that requires an IP address that needs to have port forwarding to point to my Pi. I don’t think I can use my local IP given by my router.
If anyone recommends a new router, please know that I live in India, so my available routers may differ from yours.
I just really don’t know what to do anymore.

Any help is appreciated!

Buy a new router or use another provider. Also you can search remote tunnel with a VPS or host your nextcloud better on a VPS.

Sounds like a crappy router. Upgrade to pfSense.

Also just a bit of info, “port forwarding” is sort of a slang term for NAT + ACL. NAT is the translation of the connection changing the destination IP to the local one. ACL is access control list, aka “firewall rule” which determines whether the connection is actually allowed.

On a low grade router, the two are bundled together and terms used interchangeably even though they are not the same thing.

Not without being able to forward a connection to it, no. Unless maybe your router is VPN capable, but based on what you described, that would be surprising.

Some ISPs only offer carrier grade NAT, so you don’t have your own official ipv4.

I think what you need is a tunnel provider. Did you try PiTunnel?

Please search the internet for that keyword as I don’t want to advertise their service here. I am not affiliate with them and I don’t use it myself. I heard that they have a free service but it is some kind of a trial for 3 months. After that you have to pay monthly subscription.

Its quite frustrating the my ISP only offers Syrotech routers, I could purchase my own but am rather cautious against it as I would need a modem cum router that has portforwarding.

I’ve looked into VPS, but my server is mainly for personal use so that’s a bit out of my budget as I want a permanent solution that I can leave undisturbed.

You’re correct, it is a crappy router. But I’m wary of changing it as I might run into the same issue as now.
Thanks for the information, I’ll keep it in mind.
My router is definitely not VPN capable.

About pfSense, I’ve heard about it and looked it up, but I’m having trouble understanding it.
I understand its a sort of firewall and router replacement?
As in, I’ll set up pfSense on my Pi and I’ll be able to… is what I’m not getting.

I don’t think this is the case, my ISP is not a large corporation. In my area its many ISP’s server 600-700 homes each.
This there any way to tell?

This has been the closest to a solution so far.
I think PiTunnel does what I need, its a shame you’re limited to 500MB.

But I can’t seem to access my nextcloud instance. It’ll get me to the Apache2 Debian Default Page every time.
My server is located at 192.168.1.2/nextcloud locally but inputting that at the destination along with port 443 doesn’t work.
Any ideas?

Have you configured your apache2 virtual hosts correctly? Please post a few more details.

I just got it as we speak. It wasn’t possible to automatically direct to my nextcloud instance. I had to forward port 443. and manually add /nextcloud to the and and it’ll work.

That begs a new question, could this work with no-ip? If replace my Pi’s IP address with a domain name and it should work similarly, then I can add /nextcloud to the end?
Or do I require port forwarding for no-ip?

pfSense is a firewall and router. However I don’t think it is available on RPi. You would need to run it on its own box or as a virtual machine. It comes with its own operating system.

As far as what it allows you to do, it’s an enterprise grade firewall. It’ll do any NAT you want, complex ACLs with objects and schedules, various VPNs, IPv6… basically anything you could conceivably want your router to do, pfSense does it.

All no-ip does is give you a DNS name to use in place of your dynamic public IP. It will not change the need for port forwarding.

You won’t get around having to solve that problem.

One other thing I’ll throw out there in the event you don’t actually have a public IP address with your service as tflidd suggested… mind you this is getting into a whole new level of complexity… as a last resort for hosting your data at home, you could introduce a VPS. Then you could either VPN tunnel everything back to your RPi, or perhaps even run Nextcloud on the VPS and just tunnel your storage.

But again I would consider that only as a last resort as that’s introducing failure points and a lot of complexity as a workaround.

As I previouslymentioned, I don’t use PiTunnel. And I don’t use Apache. But I would guess it is just a configuration issue.

How did you access your Nextcloud locally? Can you access it locally with https?

Did you setup SSL certificate? Is it self-signed? It must not be self-signed otherwise you cannot access it via internet, unless you include its certificate into your browser. But I would suggest to use Let’s encrypt.

By the way, if you would have to pay for tunnel provider like PiTunnel, I would suggest to get KVM VPS. You can get KVM VPS with the same resource as Raspberry Pi with rental rate around 3 - 4 EUR/month.

Ahh so it’s a replacement just like nextcloud is a replacement for google drive in a way. It’s my own hardware and software and the ISP simply provides the internet line?
It sounds interesting, but I don’t have anything to run it on and I don’t think I need that much for this.

Hmm so indeed there is no alternative to port forwarding. I’ve got an old TP-link router laying around, I’ll see if that has port forwarding. If it does, I’ll get a better model to work this out.

Thanks for your help!

While I doubt that’s the case, if it is I’ll look at other options because I don’t want to get into that sort of complexity.

I should have added my response to my reply to your comment as well, I figured that out.

Just FYI if you ever need it, I don’t think I’ll use PiTunnel as (I don’t know if this is for free users only) my testing has reveled that there are significant cuts in internet speed. Pages take much, much longer to load and its a frustrating experience overall. I don’t know why that’s happening, it’s just fine on my wifi. Perhaps that’s just how PiTunnel works.

You might try something like this, which will publish any internal web service to an external URL.

Obviously there are security issues with this. Do your own risk assessment.

Apologies, I’m viewing your response quite a bit later.

Thank you for introducing me to ngrok though, I’ve tried and tested it out, and it’s quite similar (almost the same) to Pitunnel, just more broadly focused, rather than only committing to Raspberry Pi’s .

It worked. And that’s what I can say. I could access my server externally without port forwarding. Unfortunately, (I’m almost sure now that this is intentional), the internet speeds are throttled quite significantly for free users.

Through my testing I get about:
50KB/s down on PiTunnel
100KB/s down on ngrok
10MB/s down though my home network

It’s nice to have in a pinch, but I suppose a cheaper and better solution would be to aquire a new router than sign up for a subscription.