No connection with 4G

Nextcloud version (eg, 20.0.5) : 25.0.6
Operating system and version (eg, Ubuntu 20.04) : Ubuntu Server 22.04 LTS
Apache or nginx version (eg, Apache 2.4.25) : Apache 2.4
PHP version (eg, 7.4) : 8.1.2
SQL Version : type Mysql 10.6.12

Hello,

Following a new installation, I encounter a problem on my nextcloud, locally and externally the connection is operational except when I am off wifi, I thought of a problem of IPV6, I thus deactivated it but the problem is always present.

The message on the web page is: “ERR_CONNECTION_RESET”.

Can anyone help me?

wifi/4G? what is not working?
Can you do a ping and a traceroute/tracert to the Nextcloud server (in case it’s a mobile computer and not a smartphone)?

Thanks for your answer

My problem is only present on smartphone in 4G connection, I tested the ping from a “juicessh” application the server answers correctly (on 4G network).
I tested a TELNET command on the domain name, it tries to connect to an IPV6 address, while IPV6 is disabled on Ubuntu server.

Should I reactivate it?

And you said other external access is working. This other external access is for ipv4 only?

If you have doubts about ipv4/6, I’d check from an external host, if there is linux:
curl -4 -v https://nextcloud.example.com/login
curl -6 -v https://nextcloud.example.com/login

In both cases it should show you the html-code of the login page.

Here is the result, the problem comes from the IPV6

Your 4G connection is the only one with activated ipv6?
I would try to make it work on dual stack (v4/v6), for ipv6 you normally don’t have NAT and other mechanism that should normally simplify the task. But it depends a bit on your network setup. Here it could be the network or it could be the webserver that is just not listening to ipv6.

And you are not using ssl-connections? It makes everything again slightly more complicated, but if you use public networks, you should not use unencrypted connections.

Yes, only the 4G connection.

I have started to look at how to make IPV4 and IPV6 work, I am a bit confused.

I’m not sure if the network is the cause, I can access the freebox web page from 4G.

The SSL is well activated but the port 80 also, the redirection does not work, I will look at that later

Mostly it’s a network or webserver configuration issue. What can help is, if you run tcpdump (you can filter for specific ips, also v4/v6 etc.) on your server, there you can really see what request reach your server. If they don’t reach the server, it’s your network setup at the router, if it arrives at your server, it’s most likely firewall or webserver config.

What do your DNS records say?

Did you enter IPv6 addresses on your DNS entries?

What is the topology externally?

Are you using any VPN, Cloudflare, etc?

Hello,
I tested the tcpdump,

Here are the frames:

10:01:05.614136 IP6 2a01:e0a:869:****::1.mdns > ff02::fb.mdns: 0 SRV (QM)? 68A3781F0B1C@Freebox Server._raop._tcp.local. (62)
10:01:05.614724 IP6 2a01:e0a:869:****::1.mdns > ff02::fb.mdns: 0*- [0q] 2/0/0 (Cache flush) SRV Freebox-Server.local.:5000 0 0, (Cache flush) AAAA 2a01:e0a:869:****::1 (119)
10:01:17.049716 IP6 fe80::6aa3:78ff:fe1f:**** > ff02::1:fffc:86a2: ICMP6, neighbor solicitation, who has fe80::9e3d:cfff:fefc:****, length 32
10:01:17.049971 IP6 fe80::6aa3:78ff:fe1f:**** > ff02::1:ff7f:c15e: ICMP6, neighbor solicitation, who has fe80::6e1c:71ff:fe7f:****, length 32

The IPV6 addresses only concern the freebox and not the IPV6 of the GSM.

I don’t use cloudshare, in VPN it works.

But the goal is to do file sharing through external links.

On the Freebox or on the server? Sorry, I’m a bit confused…

If I ping a host from outside (outside ip) on my home network, the home-network server shows:

21:35:19.214105 IP6 (hlim 52, next-header ICMPv6 (58) payload length: 16) ext-ip > int-ip: [icmp6 sum ok] ICMP6, echo request, id 62829, seq 0
21:35:19.214247 IP6 (flowlabel 0x5e92c, hlim 64, next-header ICMPv6 (58) payload length: 16) int-ip > ext-ip: [icmp6 sum ok] ICMP6, echo reply, id 62829, seq 0
21:35:20.285332 IP6 (hlim 52, next-header ICMPv6 (58) payload length: 16) ext-ip > int-ip: [icmp6 sum ok] ICMP6, echo request, id 62829, seq 1
21:35:20.285468 IP6 (flowlabel 0x5e92c, hlim 64, next-header ICMPv6 (58) payload length: 16) int-ip > ext-ip: [icmp6 sum ok] ICMP6, echo reply, id 62829, seq 1

this is when I ping the ipv6 from outside.

There are more packages via ipv6, often these neighbor solicitation messages (depends a bit if you have more hosts on your network), but normally you get an answer (except you filter for incoming only).

I’d try a bit with ipv6, if you can receive packages, if you can ping other hosts etc. Not sure if your router blocks traffic (I did a subnet delegation to a second router behind the freebox).

Hello,

Here are the ping returns from google. it doesn’t seem to be going anywhere

> 18:40:04.424638 IP6 nextcloud > dns.google: ICMP6, echo request, id 2, seq 25, length 64
> 18:40:04.425195 IP6 _gateway > nextcloud: ICMP6, destination unreachable, beyond scope dns.google, source address nextcloud, length 112
> 18:40:05.448656 IP6 nextcloud > dns.google: ICMP6, echo request, id 2, seq 26, length 64
> 18:40:05.449254 IP6 _gateway > nextcloud: ICMP6, destination unreachable, beyond scope dns.google, source address nextcloud, length 112
> 18:40:06.472629 IP6 nextcloud > dns.google: ICMP6, echo request, id 2, seq 27, length 64

I have a question to ask.
When connecting to mondomaine.fr with an IPV4 connection, the redirections are done by the port redirection of the box, but what about with IPV6?

I tested on ipv6now.com, mondomaine.fr pings correctly, but I think it’s the box.

The problem with ipv4 is that you just have one address. So the router says all traffic on one port of this ipv4 is redirected to an internal ipv4 with a port.

ipv6, you have plenty of addresses, so you can directly connect to the ip without address translations to internal ips.

If you can’t ping via ipv6, that is not good. Can you ping your Freebox ( Freebox-Server.local)?