Unable to access Nextcloud with 'Private Internet Access' VPN

I have been using Nextcloud for many years without any problems and its been fantastic.

However, I have just started using ‘Private Internet Access’ VPN on my Dell PowerEdge T30 server which is running Ubuntu, but I can no longer access Nextcloud.

Nextcloud works fine without a VPN, but does not work when using a VPN (I had the same issue when I tried NordVPN a while ago).

My ISP is Zen and it comes with a static IP address as standard. I also use https://www.dynu.com so that instead of having to remember an IP address, I only have to remember a URL.

I can ping my static IP address (using terminal on my Mac Book Pro) when PIA VPN is running on Ubuntu, but I can’t access Nextcloud.

In fact I can’t even access the Apache2 Ubuntu Default Page (i.e. without the /nextcloud at the end of the URL) so I guess its no surprise that I cant access Nextcloud either ?

How do I resolve this ?

Nextcloud version : 25.0.13
Operating system and version : Ubuntu 20.04
Apache or nginx version : 2.4.41
PHP version : 7.4.3

In order to answer this question, you need to provide a lot more information.
Is your Nextcloud server at your home or at the provider Zen in a data center?
So if it’s in your home, knowledge of the network architecture of your home network is required. What kind of connection do you have? Is your server on your home network behind a NAT router? If so, are the port forwardings all set correctly? Can you otherwise access your Nextcloud server from anywhere in the world and does it only not work if you establish a connection from home via a VPN?
These are the rudimentary most important pieces of information needed to answer your question.

or have you really connected your web server to a VPN?
Then it is of course clear that you can no longer reach your server because the IP address is then somewhere in the world, just no longer your fixed IP address.
Do you know exactly what VPN is? It almost feels like you don’t know what it does!

Much luck,
ernolf

Thanks ernolf,

You are correct, I am trying to understand how VPN works and finding some of it quite confusing.

It sounds like I have connected my web server to a VPN like you say.

Nextcloud is at home running on the server, below is my setup including my VPN requirements:

I have2 different requirements for VPN:

  1. VPN to hide static IP address of server (for privacy and security)
  2. VPN for secure connection to iMac for remote backup from server HDD to iMac USB HDD e.g. rsync or rdiff-backup using SSH where iMac pulls data from server

PIA VPN meets the first requirement other than breaking Nextcloud.

I’m still not sure how to implement the second requirement and currently looking at setting up my own OpenVPN server or Wireguard server which will run on a virtual machine on my Ubuntu server.

I understand how a VPN changes my static IP address by going through a VPN server as well as encrypting the data to provide privacy and security.

That’s why I couldnt understand how Nextcloud would work with a VPN, but I spoke to the IT person at the company I work for who also uses Nextcloud and PIA at home. He knows his stuff as he had to implement a strict IT policy and to meet cyber essentials due to being involved with some military projects.

I told him that when I tried Nord VPN I could not access Nextcloud and he told me that the VPN should not affect Nextcloud. He said “it should only change the IP address that is doing the downloads and not your internet IP address so nextcloud should still work”, so either he does not understand my setup or I’m missing something (maybe he doesnt realise the web server is also connected to the VPN)

So what’s the best way to resolve this ? Would it be to make the web server not use the VPN connection and is this possible ? I found a setting for split tunnel which seems to imply I can select which applications use the VPN connection, is this the way to do it ?

The correct ports are open on my router and firewall and usually it can be accessed anywhere in the world, it just stops working when I use PIA VPN…

Please imagine VPN like a tunnel. If you set up a tunnel from your Ubuntu server and you want to access your Ubuntu server from outside, then of course you have to go to the other end of that tunnel and no longer use the IP address/host name of your router (FRITZ! Box)
If you primarily want to use your VPN to connect your parents’ house to your home, then you should set up a bidirectional “tunnel” between your Fritzbox and your parents’ home’s Virgin router.

Setting up a VPN correctly requires extensive knowledge of network technology and a certain amount of experience.
But with the image of the tunnel, the whole thing takes on a form that is easy to imagine.

Much luck,
ernolf