I'm facing an issue when trying to access a nextcloud server that is configured at http://192.168.2.xxx:8085. I have access to this endpoint from my laptop, but not from my phone. Why is that?

For example, on phone's firefox I get the following message: "Unable to connect

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your device’s data or Wi-Fi connection."

As I check the nextcloud server logs, the request never made it through, indicating there is some setting isolating the phone from the local network.

  • de0u replied to this.

    VPN? You're not connected to your wireless? Are you running some kind of DNS on your phone? Try other browser?

      0xsigsev No VPNs connected nor listed. DNS is the OS default. JIK tested with another browser but no success.

      I have tried to connect to 192.168.2.xxx from both the browser and the nextcloud app.

      Worth mentioning I also have another server running on this very address, but different port, which I'm also not able to reach from my phone. I am able though to reach it from any other device I have.

          What is your network setup? Do u have vlans configured? How do u acces it from your other devices? On the same wifi accespoint? Cable?
          Are u perhaps connected to your guest wifi network with your phone, if u have any?

          This is most likely not an issue related to GrapheneOS.

            By any chance you have some kind of a whitelist? What's your IP on the phone and the other device?

              estevaoem 192.168.x.y is a private IP that can only be reached from a device that is at the same network, due to that you can reach from you laptop (connected by cable or WiFi). In your phone, are you connected to your home WiFi when trying to access your Nextcloud?

              Note: Due to 192.168.x.y IPs are private, you can publish it without security concerns, due to aren't available outside your network.

                  de0u That's interesting. I accessed the address from vanadium, it gave me the warning that the connection was not encrypted (http) and once I allowed it, I could access it from any other app.

                  Is there any sort of allowed addresses list vanadium keeps?

                  Thanks all repliers for your time by the way.

                    So, since my last reply, the phone stopped reaching the local network again, I'll consider the problem as not fixed and resume answering the replies:

                    r134a It's the default modem configuration, no VLANs in place. Other devices access the server from browsers using the same wifi access point. Not connected as a guest. Why do you think that is not related to GrapheneOS? Asking since it is the only device that isn't reaching the servers in local network

                    0xsigsev No I don't have whitelists configured. My phone ip is 192.168.2.157 and the server ip is 192.168.2.117

                    cdflasdkesalkjfkdfkjsdajfd thanks for noticing, I was already aware that i could share private ips, but somehow I tend to censor that kind of info for some reason :shrug:
                    Anyhow, all the devices (including the server) are connected through the wifi

                            de0u I tried accessing from vanadium once and it connected. However, the second time (right at this moment) I tried and it gave me a quick answer of ERR_ADDRESS_UNREACHABLE (indicating in my interpretention no presence of firewalls whatsoever).

                            As I was typing this answer, I refreshed the servers page on vanadium and it happened to have again access to the server.

                            As far as I can see, there is some rule in place, somewhere I can't tell, that is not letting me reliably access the local network from my phone.

                            Worth mentioning that this is only happening on my phone: when the phone looses connectivity to my local network, all other devices don't.

                                It may be due to strict mode (or whatever the name is) is enabled and you can't connect to your instance via http. Try https:// your instance.

                                  Just a guess, what happens if you disable cellular connectivity, that is, you put your phone in airplane mode with Wifi still enabled?

                                  I am wondering if it maybe isn't trying to connect through the Wifi. Maybe the cellular network provider is assigning an IP address in the same 192.168.2.0/24 range, confusing the system as where to send out the packets?

                                    estevaoem So, since my last reply, the phone stopped reaching the local network again, I'll consider the problem as not fixed [...]

                                    So, when the problem is in its non-fixed state, what error message does Vanadium report? Does Vanadium report that error quickly or slowly?

                                        0xsigsev Doesn't help. Since I have not configured TLS nor there are fallback implementations for when the server is called on port 43, the server is yet unreachable.

                                        ryrona Same behavior. I disabled the mobile network as it maybe could be interfering, but that's not the case.

                                        de0u mind checking if my previous answer answers your question?

                                              de0u By the way, the error I got was ERR_CONNECTION_FAILED, not ERR_ADDRESS_UNREACHABLE, sorry for the confusion

                                                estevaoem It's the default modem configuration, no VLANs in place. Other devices access the server from browsers using the same wifi access point. Not connected as a guest. Why do you think that is not related to GrapheneOS? Asking since it is the only device that isn't reaching the servers in local network

                                                I've mentioned that it most likely is not related to GrapheneOS, it could be though. But i for example also have a bunch of selfhosted services and have no issues, combined with the fact this is the only report regarding an issue like this, made me conclude it most likely isn't related to GOS.

                                                Did u try the suggestion of @0xsigsev by using https://, as far as i remember nextcloud automatically implements https with a self signed certificate. Did u try just for testing with a gecko based browser, for examole firefox? In my recent experience it seems firefox is less strict sometimes. (I've had a service (materialious) over https remote proxying another service accidentaly over http (invidious), and chrome refused to serve http content from a remote source requested by a https domain. Firefox on the other hand did't comolain and allowed mixed content.

                                                  estevaoem Worth mentioning that this is only happening on my phone: when the phone looses connectivity to my local network, all other devices don't.

                                                  If your phone's settings for your home network include "per-connection randomized MAC", can you try switching to "per-network randomized MAC", and then rebooting your router?

                                                      • r134a

                                                        • Post #18
                                                        • Edited

                                                        Apologies, in my last response i've asked if u tried https:// i just see u did. I've started typing when that comment wasnt there yet, and received a phone call, then finished typing and submit :)

                                                        Do u have any other services selfhosted than nextcloud? Do u have issue with these? Perhaps try setting up a simple apache webserver and see if u can connect to it with phone.

                                                          Thanks guys for the support so far, truly a helpful and strong community.

                                                          de0u already configured the phone settings to per-network randomized MAC on both wifi frequencies but didn't reboot the router yet. Will give it a try and see if the problem persists.

                                                          r134a Apologies, in my last response i've asked if u tried https:// i just see u did. I've started typing when that comment wasn't there yet, and received a phone call, then finished typing and submit :)

                                                          no worries (:
                                                          I do have another server running in the same machine and it does happen to share the same problem of the phone not being able to reach it sometimes.

                                                          At this point I'm suspecting this is not related to grapheneOS but rather something on my network as you mentioned. Got the same problem on wife's iPhone, but not on other laptops and tablets we have.

                                                                estevaoem Hmm, do u mind sharing what service? I was suspecting it perhaps was something with your nextcloud config, although network is certainly plausible aswell.

                                                                Can u try maybe with a simple apache webserver with just http? It's likely its already included on your server and should be as simple as sudo systemctl start apache2, then check http://ip:80 (if 80 isn't used by any other servive).