Installation behind firewall (Ipfire)

PaulePils · July 8, 2019, 6:04am

Hello you all,

I am new to this community, so I need some advice.
Currently my network setup consists of a Fritzbox Router ISP -> Ipfire Firewall (not exposed) -> Access Point Lan/Wlan
I have build a new server to run Nextcloud, so that i have control over my own data. My problem is that I have to switch between two home several times a month and I want access to my data via Internet/VPN

What do you people think will be the best setup?

Nextcloud behind ipfire (green) - Do you have info regarding upload/download speed?
Configure a new Orange DMZ?
Expose the Ipfire directly to the Internet?

Since my setup is currently running quite fine, I want be sure if I have to change the whole setup to work.
Thanks for your ideas
Greetings

gas85 · July 8, 2019, 11:19am

And what is the problem? Expose NC only internal and when you connect to you net via VPN - you will be able to access you files.

If you need solution without VPN - expose only port 443 of Nextcloud with port forwarding on Fritzbox.

You can harden your system with Fail2ban: Brute force protection doesn't protect against failed logins

PaulePils · July 9, 2019, 6:48am

Thanks for your advice

Just wanted to be sure before I destroy my setup.

Reiner_Nippes · July 9, 2019, 7:38am

in case you use letsencrypt with http validation port 80 must be opened as well.

gas85 · July 9, 2019, 9:29am

You can use 443 only: Port 443 open, 80 closed - #5 by gas85