My goal is to access Nextcloud via my dyndns-address in the local network even when the port forwarding is deactivated.
I have found the following solution which works for me:
activated dnsmasq in ncp (Domain: mydyndns-address; DNS server: ip-address of my FritzBox)
set the ip of ncp in windows as primary DNS server and the ip of the FritzBox as secondary DNS server
DNS server setting in my FritzBox: Automatically assigned by internet provider
Next I tried the following:
activated dnsmasq in ncp (Domain: mydyndns-address; DNS server: ip-address of my FritzBox and later tried the ip of the DNS server of my internet provider)
set the ip of the FritzBox in windows as primary DNS server
set the ip of ncp in the FritzBox as primary DNS server and the ip of my internet provider as secondary DNS server
So I can access the internet but not Nextcloud via my dyndns-address in the local network.
Can you explain your goal? If you deactivate port forwarding in in your router you can not access your nextcloud from the internet? Is this your goal and why?
I mainly use Nextcloud to share content with my familiy and friends over the internet.
For security reasons I don’t want that Nextcloud is constantly reachable from the internet - I only open the ports when I have something to share.
I think it is no security risk to allow port forwarding the whole day.
A hacker must know your domain, url and can only hack your nextcloud over the nextcloud-application (server-ip and port 443), which is hopefully up-to-date. And if there is a security problem with nextcloud you are hopefully not the first hacked person.
If you think there is a security risk please destroy your computer (if windows or macos) and your smartphone (android and ios). You can better use the whole day your private, self hosted nextcloud.
