Setting up Nextcloud for multiple subnets

Hi, we are currently trying to set up a self-hosted Nextcloud in our own local network. We also want to make it reachable from the public internet later by using a virtual web server on our Sophos UTM. For security reasons we decided to create a separate subnet + VLAN only for our Nextcloud server. And that's where our problems start: the Nextcloud server only opens the Nextcloud login page for clients within its own subnet. Clients from our other local subnets can't open the Nextcloud login page. It's not a routing, network or firewall issue, because ping and simple HTML websites (tested with a simple index.html on the Nextcloud server) work fine. It seems to be related to PHP in some way. I suppose there are some security mechanisms that don't allow PHP from a different subnet?

Our problem is that we are more Windows/network guys than Linux/Apache/PHP ;). Any ideas what might be our problem?

Here you can see the Apache access.log:

From network 192.168.202.0, access to the login page is working.
From network 172.16.20.0, access is not working - the browser is constantly loading without errors.

I would say that it is network related, as it works fine from the local subnet. Are you using HTTPS?

The only thing I can think of which would restrict access is trusted_domains, but you will still get an error message displayed when you access Nextcloud on an IP which is not configured in config.php.

Is it a default setup of Nextcloud/LAMP? Can you check your firewall logs when you’re making the connection?

Hi,

Could you also show related entries in the web server error.log and the Nextcloud log, please?

The access log only shows successful delivery of HTTP requests (200) and one redirect (302 - temporarily moved).
It is possible that you configured a redirect to the domain of the internal network and that’s why clients from other networks can’t reach the server.
A Wireshark trace on the clients should show that as well if that’s the case.

Hi, thanks for your help, we finally found the error. It was a too small MTU value at our Sophos UTM. It seems Windows can handle this, but Ubuntu Linux can't. That's why the Windows test machine worked from other subnets while the Ubuntu server was only reachable within its own subnet. We set the MTU to 1500 and bingo ;). Maybe this helps someone with the same configuration. It's very hard to find, because we thought it was caused by something within the Linux server.
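
One way to check a path for the kind of MTU problem described in the last post, as an added example that is not part of the thread: a binary search for the largest IPv4 packet that crosses the path with Don't Fragment set. It assumes a Linux client with iputils `ping`; `find_path_mtu`, `ping_df` and `simulated_path` are names made up for this sketch, and the simulated path is constructed so the search can be checked offline.

```python
import subprocess
import sys

IP_ICMP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte ICMP echo header


def ping_df(host, payload):
    """Send one echo request of `payload` bytes with Don't Fragment set.

    Uses iputils ping (Linux): -M do forbids fragmentation, -s sets the
    ICMP payload size, -W 1 waits one second for the reply.
    """
    result = subprocess.run(
        ["ping", "-M", "do", "-c", "1", "-W", "1", "-s", str(payload), host],
        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return result.returncode == 0


def find_path_mtu(host, probe=ping_df, low=576, high=1500):
    """Return the largest packet size in [low, high] that gets a reply
    unfragmented, or None if even `low` does not get through."""
    if not probe(host, low - IP_ICMP_OVERHEAD):
        return None
    while low < high:
        mid = (low + high + 1) // 2          # round up so the loop terminates
        if probe(host, mid - IP_ICMP_OVERHEAD):
            low = mid                        # mid fits, search above it
        else:
            high = mid - 1                   # mid is too big, search below it
    return low


def simulated_path(mtu):
    """Constructed stand-in for a real path: a probe that succeeds only
    when the full packet fits into `mtu` bytes."""
    def probe(host, payload):
        return payload + IP_ICMP_OVERHEAD <= mtu
    return probe


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: pmtu.py <server-ip>")
    mtu = find_path_mtu(sys.argv[1])
    print("no reply even at 576 bytes" if mtu is None else f"path MTU: {mtu}")
```

Run it from a client in each subnet against the server address; a result below 1500 from one subnet only points at a device on that path rather than at the web server.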