Cloudron not responding to outside network.

Pixel

I'm quite new to this but I am trying to setup a cloudron server on a Ubuntu 20.04 server running at my home. When trying to access the server my.(domain) [details will be obscured for privacy sake] it loads and responds with a "(domain) took too long to respond" error. When connecting from the inside network it works perfectly fine and shows the dashboard.

I have also ran into an error that keeps cycling within the logs when trying to renew the certificate which is;

Jun 03 13:56:06 box:cert/acme2 sendSignedRequest: using nonce 0002pNtxN0m5FbCXBBAOA8ZuOylYD2olPnaiJLpM1lZOEak for url https://acme-v02.api.letsencrypt.org/acme/chall-v3/115507634446/2Gjk3w
Jun 03 13:56:07 box:cert/acme2 waitForChallenge: status is "invalid" "{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"(publicip): Fetching http://my.(domain)/.well-known/acme-challenge/Lm4E0Qj2YQuqtm0v3J0hXwBxk19v_T7W_tc93Cy0C5c: Timeout during connect (likely firewall problem)","status":400},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/115507634446/2Gjk3w","token":"Lm4E0Qj2YQuqtm0v3J0hXwBxk19v_T7W_tc93Cy0C5c","validationRecord":[{"url":"http://my.(domain)/.well-known/acme-challenge/Lm4E0Qj2YQuqtm0v3J0hXwBxk19v_T7W_tc93Cy0C5c","hostname":"my.(domain)","port":"80","addressesResolved":["(publicip"],"addressUsed":"(publicip)"}],"validated":"2022-06-03T03:55:44Z"}"
Jun 03 13:56:07 box:cert/acme2 Attempt 2 failed. Will retry: Unexpected status when waiting for challenge: invalid

This error cycles for a couple of attempts before using fallbacks, which I haven't provided it with any. This may be the source of the problem but I am unsure.

The biggest question is why it would not respond to the outside, whether it's a port forwarding issue (though I have both 80 and 443 forwarded to my server's internal ip, or something else.

I have tried some fixes from other similar cases but they all seem to not fix or affect the problem in any way. If there are any other possible fixes available I am open to suggestions.

Thanks.

nebulon

Assuming you run your Cloudron on-premise, can you curl your Cloudron on both port 80 and 443 using your public IP address? Also can you ensure that the DNS records are pointing to the correct IP address? If you are using a residential ISP connection, your IP might change over time or on reconnect, for this take a look at our dyndns feature https://docs.cloudron.io/networking/#dynamic-dns

Pixel

@nebulon Hi, the DNS records seem to match with what https://www.whatismyip.com/ it is, as well as the WAN IP on the router's settings, and I am also fairly certain that the Public IP that we have been given is static.

If I try to curl to <publicip>:80 or :443 within the terminal of the server itself it does not seem to respond, and responds with:

curl: (28) Failed to connect to <pulicip> port 80: Connection timed out

and

curl: (28) Failed to connect to <pulicip> port 443: Connection timed out

However, when curling to it on my windows laptop, I get a response of the HTML which displays the "You are seeing this page because the DNS record of <publicip> is set to this server's IP but Cloudron has no app configured for this domain." page. Which lines up to what I see when I actually put that into a web browser.

However when off the network (on mobile hotspot) on the laptop I get;

C:\Users\XXXXX>curl <publicip>)
curl: (28) Failed to connect to <publicip> port 80 after 21045 ms: Timed out

nebulon

@Pixel this very much sounds like the port fowarding in your router does not work correctly then. Can you double check that?

girish

Also, please check if your router supports hairpinning https://en.wikipedia.org/wiki/Network_address_translation#NAT_loopback . This is what loops back a request to a public IP back into your private network.