Hi,
Is it possible to connect to nextcloud over my lan rather than internet?
Internet working fine but trying to connect my desktop to my unRAID server running nextcloud docker.
Many Thanks
Absolutely.
Ah ok,
Thank you,
When I try to connect locally (192.168.0.33:444) I get an error “Access forbidden
State token does not match”
if I connect via the internet it is fine.
Any ideas?
Many Thanks
Any ideas?
Many Thanks
Wrong dns/ssl setup
Thank you for your reply but can you point me somewhere to find more information on what you are describing? I can connect remotely and have family desktops uploading remotely perfectly but cannot upload from my own machine locally so not sure what could be wrong by entering my server IP & port?
Thank you
How do you connect to your nextcloud from the Internet? If you use https://your.server.com you need to use the same address even from your local network.
ok, I use my domain but presumed that if I typed my domain name it would use the internet, does nextcloud detect my lan then?
Just try. If it doesn’t connect you need to look at your dns or router setup
Hi,
It connects but as you can see by the speeds it is not using even my 1GB NIC let alone my 10gb/E connection
any ideas?
That can be something else. The traffic is likely not going ‘out’ on the Internet and back again. What kind of server are you using? If it’s Linux you can use bmon, bwmon, iftop and the like to check on what network the traffic is going.
Hi,
I am running nextcloud as a docker on my unRAID server, wouldn’t know where to start in running any commands!
I have not set anything in the network options of the Windows Desktop App, everything is set to unlimited as default.
it has only uploaded 150mb so far in the last couple hours.
Easy and quick solution: make an entry for your domain name in your hosts file.
On Windows go to C:\Windows\System32\drivers\etc and open the hosts file in a text editor.
Add the IP and domain name like this:
192.168.0.33 your.domain.com
This will make your computer directly connect via LAN and HTTPS will still work and also there will be no error messages about trusted domains.
1 Like
Hi,
Many thanks @Schmu but that entry into my hosts file prevents connection?
192.168.0 = 1GB LAN
192.168.11 = 10gb/E LAN
That surprises me. Never had that before in a singe, simple network. You mention to subnetworks, could you describe your network setup there?
Is the direct route from your computer to the server’s IP 192.168.11.33 blocked or does the server have two IP adresses? Is the server blocking traffic from specific IPs or subnets?
What this entry should do actually:
Usually when you enter a full qualified domain name, DNS servers on the Internet are questioned for the IP address behind that domain name. That’s why you the network connection to the server is indeed going through your router.
The router could actually know that the target is in the local network and tell the client the local IP address. For security reasons this is usually deactivated (DNS rebind protection) which means the resolution of external names into internal IP addresses is blocked.
Instead of asking external instances for the address resolution, one can use the hosts file to do the address to IP resolution in the hosts file, because domains are tried to be resolved by the hosts file first and if there is no entry then DNS resolvers are contacted.
So the hosts file is simply just for domain name resolution to the local IP and allowing you to still use the SSL certificate (which is often only bound to the domain name) without any browser warnings.
Oh I just noticed: in your hosts file you used 192.168.11.33, in an earlier message above you mentioned you tried to reach your server via 192.168.0.33. And with the local IP you used port 444. Is there a proxy involved?
Hi,
Sorry, I may not have made myself clear, as mentioned above I have 2 networks
192.168.0 = 1GB LAN
192.168.11 = 10gb/E LAN
Both connect to my unRAID server.
You say I mentioned subnetworks but I don’t remember saying this, I just have an unRAID server with a 1GB & 10gb/E port
The router I use is another unRAID server running pfsense as a docker and I used spaceinvader ones setup guide for both nextcloud and pfsense and as stated it seems to work fine except I obviously don’t want to upload local files to the internet and back down again.
Many thanks for your time so far and taking the time to help me!
I’m not sure why we are discussing the wording now. In my humble world with limited knowledge the two networks you mentioned are two subnets. And I know absolutely nothing about unRAID servers and pfsense. If that knowledge is required to help here, I’m out.
I would still check that anyway:
Best practice is to use a DNS server on your LAN to resolve the domain address to the LAN IP. Then it works regardless of location using the same name.
Why use two subnets for different link speeds? That seems needlessly complicated.
Could you explain this? pfSense isn’t a single process and one would not normally run it with Docker, if that’s even possible.
I have no idea how you’d be running pfSense as a docker, as pfSense runs under FreeBSD, not Linux. But if you are running pfSense, your router acts as a local DNS server–just tell it to serve the IP of your Nextcloud installation for that hostname.
Apologies, I meant a VM and do you mean dns forwarding or resolving in pfsense?