Was the software title installed freshly or updated/migrated? Freshly
Can this issue be replicated on a fresh installation of DietPi? Yes
Can’t access Nextcloud from LAN
Beacuse I’m new at this home server stuff, I’ll try to explain everything clearly, sorry if it’s too much.
Steps
I followed this guide to install Nextcloud but without noip config and I didn’t install Nextcloud yet as I can get it working.
I have my ddns.domain. com in my shared hosting with my own domain in their dynamic DNS. I have a script on my RPI4 that runs hourly that calls to the URL of the dynamic DNS cPanel in case my public IP changes (it doesn’t unless I restart the router but just in case). Let’s encrypt is done via cerbot on Dietpi.
My router when I try to open and redirect ports 80 and 443 I get this error: The input external ports conflicts with service control ports. Please input another one. For what I read about my ISP they do use that ports for some admin related stuff. I read that I could ask for the admin password of my router and that should give me access to free those ports but It’s not sure they would give it to me or that I could actually free those ports.
What I tried
Change Lighttpd to listen on ports 8080 8443 as I read in another topic.
Open ports this way:
TCP 8080 - 80 8433 - 433 IP of my Dietpi
2.1. Outside LAN (my phone on mobile data):
ddns.domain. com:8443:
Connection is not secure.
I tap continue to site and get connection refused.
I read that NAT loockup could solve this and when I open my ports there’s an option to activate it but for what I read on forums in my router it’s cosmetic, it doesn’t do anything. ISP disabled it.
Conclusion
I’m at a loss. I don’t know (in a don’t have the knowledge) what to do.
reverse proxy? how?
try other ports
Edit
In my cPanel in the Dynamic DNS settings I can see there’s a SSL certificate issued for my ddns.domain .com. Beacuse I don’t know, maybe when I created a new SSL with dietpi-encrypt there’s confilct there?
If you are trying to access the lan server with a ddns domain name, it will most likely not work. This requires hairpin NAT and not all routers support it. You should use the internal IP address or internal hostname.
From outside you need to forward the port on the router. One problem can be CGNAT from your provider. Another problem can be provider blocking ingress traffic.
The issue might be your router, even a revers proxy will not fix this. Your router will need to handle the network traffic. Can you share the error you are receiving on your local computer if trying to access https://my.domain.com:8443. Ensure it’s https within the URL and not http
BTW: Lighttpd can be used as revers proxy. This is a functionality of modern web server.
That would be the easy way but rigth now ONT - ROUTER - SWTICH - ETHERNET CABLES. I can’t replace the ISP router if they don´t give me the conection details and they won´t. Any company in my country. I can´t connect ONT - ISP ROUTER (bridge) - ROUTER - SWITCH because is inside of my wall. There’s no room for another router.
Question, as your router seems to be customer unfriendly. Are you able to change/adjust anything on DHCP configuration? Like adjust local DNS server that is published to clients?
