Hi @kittysuzuki
Sorry I couldn’t answer yesterday. It was already too late.
If you can connect to your server via LAN, it is a good indication, that you set up the server correctly in general. Assuming you can access the server via port 80 (http://) and 443 (https://), there is no firewall blocking the requests and the web server is listening on the expected ports, which your raspi wizard is complaining about being closed. Your fritzbox should have the IPv4 forwarding for port 80 to :80 and port 443 to :443. If that’s the case everything is fine here, too.
To check that the wizard is right, you can always test the server’s availability (from the Internet) with a smartphone when you disable wifi and access your public IP. Online network scanners can also help you to check for open ports. If both checks/ tests fail, you know at least, that your server is not reachable.
It is most likely DS-Lite however, which causes the unavailability from outside your LAN.
Yes, that is correct. With DS-Lite only the IPv6 is uniquely assigned to you. It is just the IPv4 which is “natted” (NAT) and while you cannot access the ISPs routers for enabling port-forwarding to your fritzbox, the outside world only sees closed ports.
To check the availability of your server via IPv6 you need to enable IPv6 in your network first. If you understand german, you can read the guide from AVM on the following link under point 3:
https://avm.de/service/fritzbox/fritzbox-7390/wissensdatenbank/publication/show/573_IPv6-Unterstuetzung-in-FRITZ-Box-einrichten/
I try to translage the Guide in english and hope I guess the correct menu translation.
- In the fritzbox web GUI click “home network” (maybe named “network” or “local network” instead)
- Now click “Overview”
- Click on the tab “Network Settings” (or “Network Configuration”)
- Click the button “IPv6 Addresses”. If this button doesn’t show up, activate the “Advanced View” first https://avm.de/service/fritzbox/fritzbox-7390/wissensdatenbank/publication/show/1652_Erweiterte-Ansicht-der-Benutzeroberflaeche-aktivieren/
- Activate the option “assign Unique Local Addresses (ULA), unless there is no IPv6 Internet connection (recommended)”.
- Activate the option “Activate DHCPv6 for your local network” and “Only assign DNS Server”.
- Click “OK” to save your changes
- Wait a few minutes and check if your server received an IPv6 address (global scope). Be aware that for IPv6 your server can have multiple addresses. While every interface has a link local address fe80:***, you need the global address which looks something like 2001:abcd:1234:12de:34ab:56cd:78ef:009a (just an example how a global address could look like)
- If your server doesn’t receive a global IPv6 address:
- restart your server and check again
- make sure that ICMPv6 is not blocked by a local firewall on your server
Afterwards, you need to set up port forwarding for IPv6 (port forwarding is very different for IPv4 and IPv6). For IPv6 port forwarding only means, that the firewall on the fritzbox opens up for the defined ports. It is not a real “forwarding” in terms of NAT (which only exists for IPv4).
If your server received a global IPv6 address and your ports are opened for this server on your fritzbox, then you can try to access your server with your smartphone (wifi disabled) again. Just read your global IPv6 on your server(!) and enter this address in the browser of your smartphone. It is important that you access your server with the IPv6 address of your server and not the address of your fritzbox! IPv6 addresse are navigated to like this:
https://[2001:abcd:1234:12de:34ab:56cd:78ef:009a]
Please let me know if you need further explanation/ help.