NC Port 80 + 443, can access from lan but not outside

Hi,
I installed NC 12 on nginx. No external access first for testing purposes. So Installation is on 192.168.x.x. So far so good.
Now, making it accessible from outside, I open up the mentioned ports but can not access from outside. From lan it always redirects me to the internal 192.168.x.x -ip and then works fine as if I would have directly open up via internal ip. From an external devices (e.g. phone) there won’t work that redirection (where ever it came from), so no access.
In config, I added the external domain as trusted domain and commented “overwrite.cli.url => 192.168.x.x”, also tried without commenting and changing internal ip to external dyndns-address. Won’t work.
It somehow feels to me that there somewhere is a setup of the redirection but I can not find it, but there are no more 192-lines in config.php.

What address are you trying to reach from outside and how were the ports (80+443) opened?

This Information is necessary to assist you.

Hi,

Did you determine your WAN IP from a website and try to enter your WAN IP in your smartphone browser?
Don’t know if you come from Germany too or if it’s different in your country, but many ISPs switch to Dual Stack which means that the IPv4 address that you have is also used by many other users. You only have your own IPv6 address.

IPv6: 1901:faae:40b::0321 (your personal address)
IPv4: 83.123.321.14 (shared address)

If that is the case for your, then you either need to enter your IPv6 in your smartphone browser and configure IPv6 portforwarding on your router or you need to request a static IPv4 address from your ISP (costs about 5,- € per month additionally in Germany).

As a hint: there are some ISP that don’t allow IPv6 portforwarding on the routers the provided to you. I have that problem for example.

Yeah, need some more info to help you more specifically.

Ports were open in the WAN-Router (FritzBox) as I did for other pages too - portforwarding as usual. 80+443. If I try to access from lan, it redirects to 192.x.x.x. I have the feeling it also tries redirecting when accessed from outside(WAN), which of course does not work.
I do not really want to publish the NC-address, sorry. I hope you are not mad about me?

Ja, Ger (O2). Zero probs so far, I have to confess.
I have 4 other sites on the “raspi” and they all can be accessed smooth via ipv4. I also had Seafile on the server and could be accessed from outside just fine. It is offline for a while now, but for testing purposes, I just reactivated Seafile shortly and works fine - also https.
I assumed it might be a prob with nginx “server_name” in the 1st place, but…well, deactivated server_name and the prob is still the same. It must be something with NC.

:smiley: no, not mad at all.

Can you find something in the logfiles? So, do you see your attempt to connect to the server from the Internet with your smartphone in the access.log of nginx and do you find any error messages in the error.log (nginx) and nextcloud.log file?

With some error messages we could probably request the right config files to have a look at them.

I’m sorry, I can not provide any error in nginx-log, simply because there non. I tried both, from inside and outside lan.
I looked up access.log. Nothing informative from outside but from within lan:

192.168.x.x - - [05/Aug/2017:00:00:00 +0200] “GET /core/js/oc.js?v=i3j3d HTTP/1.1” 200 3250 “https://192.168.x.x/login” “Mozilla/5.0 (X11; Linux x86_64; rv:38.9) Gecko/20100101 Goanna/2.1 Firefox/38.9 PaleMoon/26.3.3”

I did cut a bit, where I wrote it. At least a hint to the internal ip.

It’s not really telling me anything from outside:

x.x.x.x - - [05/Aug/2017:00:03:12 +0200] “GET / HTTP/1.1” 301 184 “-” “Mozilla/5.0 (Linux; U; Android 2.3.7; de-de; MB525 Build/GWK74; CyanogenMod) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1”

desperate… :disappointed_relieved:

Please output your Nextcloud config file, making sure to remove private info. Your overwrite URL is internal and I suspect there may be other issues.

I’d also post my nginx-file, but the editor here has issues with the format and hashkeys and other non-regular characters. But its pretty much the suggestion from the board here.
I remember that for Seafile, I did not even needed to open port 443, but I’m not sure if this is relevant on this case.
I hope, the config.php may help.
thx

further investigation… As far as I see

https://docs.nextcloud.com/server/12/admin_manual/installation/nginx.html

"return 301"
actually is “some sort” of redirection? My conf: