Installation behind firewall (Ipfire)

Hello you all,

I am new to this community, so I need some advice.
Currently my network setup consists of a Fritzbox Router ISP -> Ipfire Firewall (not exposed) -> Access Point Lan/Wlan
I have build a new server to run Nextcloud, so that i have control over my own data. My problem is that I have to switch between two home several times a month and I want access to my data via Internet/VPN

What do you people think will be the best setup?

  1. Nextcloud behind ipfire (green) - Do you have info regarding upload/download speed?
  2. Configure a new Orange DMZ?
  3. Expose the Ipfire directly to the Internet?

Since my setup is currently running quite fine, I want be sure if I have to change the whole setup to work.
Thanks for your ideas
Greetings

And what is the problem? Expose NC only internal and when you connect to you net via VPN - you will be able to access you files.

If you need solution without VPN - expose only port 443 of Nextcloud with port forwarding on Fritzbox.

You can harden your system with Fail2ban: Brute force protection doesn't protect against failed logins

Thanks for your advice :slight_smile:

Just wanted to be sure before I destroy my setup.

in case you use letsencrypt with http validation port 80 must be opened as well.

You can use 443 only: Port 443 open, 80 closed