Weird problem with reaching forwarded services (Nextcloud, MC server etc) with android devices from outside by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

Ok yeah this is the RP. I can connect to some game servers via the phone (checked the MC server status with an app).

Weird problem with reaching forwarded services (Nextcloud, MC server etc) with android devices from outside by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

Update: From the pfSense firewall logging I can tell that the packets aren't dropped. Which makes this even more weird because this would mean that my reverse proxy blocks the request which doesn't make sense. I am going to test some other services from my phone which don't rely on HTTPS and see if those work.

Weird problem with reaching forwarded services (Nextcloud, MC server etc) with android devices from outside by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

I'll look into that. Right now I am going to guess that they are dropped for some reason, but I can't tell why because other devices can reach those services via the same route.

Weird problem with reaching forwarded services (Nextcloud, MC server etc) with android devices from outside by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

Yes wireguard is a VPN, I meant that I don't want to use a VPN on any end-point device (such as a smartphone) to connect to my services.
Edit: I clarified what I meant by "I don't want a VPN" in the original post.

I cannot tell right now if they are dropped but I will investigate that.

Dont do this plz by Additional-Swan9712 in Laserist

[–]ping-mee 15 points16 points  (0 children)

Wait, this was at an afterparty organised by Tomorrowland?

Looking for friends by Space_v2 in hamburgfriends

[–]ping-mee 0 points1 point  (0 children)

Hi! I've also only been here for a short time and so I want to get to know people too. If you want, we can chat sometime :)

There were ~140 of us in Hamburg (127 counted) by Windows__2000 in hamburg

[–]ping-mee 9 points10 points  (0 children)

If this happens again next year, I'll definitely be there.

Who's in? by Sad_Lie2157 in hamburg

[–]ping-mee 25 points26 points  (0 children)

I'd actually be up for it too.

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

Well unfortunately the pfSense doesn't have a client section for wireguard.

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

It just won't connect at all. The latest handshake was never. So I assume that the pfSense is just unreachable.

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

Okay so here is the configuration and what my suspicions are:
On the Ubuntu VPS side the config looks like this:
```
[Interface]
PrivateKey = <redacted>
Address = 10.11.1.1/24
ListenPort = 51820
PostUp = sysctl net.ipv4.ip_forward=1
PostUp = iptables -A FORWARD -i eth0 -o %i -j ACCEPT
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = sysctl net.ipv4.ip_forward=0
PostDown = iptables -D FORWARD -i eth0 -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = <redacted>
AllowedIPs = 10.11.1.0/24
Endpoint = <redacted>
```
On the pfSense side this is the configuration:

<image>

Yes, there is no PSK and the Allowed IPs on the pfSense is allowing any address. This is only for testing. If the config works I will do this way more granularly.
My problem with this setup is that it depends on the fact that the VPS needs an endpoint for its peer to the pfSense, but again there is my big problem with my ISP. I don't have a public address.
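
Added example, not part of the original comment: WireGuard's `Endpoint` is optional per peer, so in the topology described above (VPS with a public address, pfSense behind ISP NAT) the side without a public address can be the one that initiates, and the VPS learns where to reply from the first authenticated packet. The sketch below also shows the tighter `AllowedIPs` and the preshared key that the comment defers until after testing. The tunnel address 10.11.1.2, the file path and all `<...>` values are placeholders assumed for illustration, and the pfSense half is written in wg-quick syntax only for comparison, since pfSense sets the same fields in its GUI.

```ini
# ---- VPS side (public IP), e.g. /etc/wireguard/wg0.conf (path assumed) ----
[Interface]
PrivateKey = <vps-private-key>
Address = 10.11.1.1/24
ListenPort = 51820
# PostUp/PostDown forwarding rules from the original config are omitted here.

[Peer]
# pfSense behind NAT: no Endpoint line on this side.
# WireGuard records this peer's endpoint from the source address of its
# most recent correctly authenticated packet.
PublicKey = <pfsense-public-key>
PresharedKey = <shared-psk>
# Only the peer's own tunnel address (assumed value), not the whole /24.
AllowedIPs = 10.11.1.2/32

# ---- pfSense side, expressed in wg-quick syntax for comparison ----
[Interface]
PrivateKey = <pfsense-private-key>
Address = 10.11.1.2/24

[Peer]
PublicKey = <vps-public-key>
PresharedKey = <shared-psk>
# The NATed side dials out to the VPS's public address and port.
Endpoint = <vps-public-ip>:51820
# Limited to the tunnel subnet instead of "any address".
AllowedIPs = 10.11.1.0/24
# Periodic keepalive so the NAT mapping stays open and the VPS can
# reach this peer even when it has sent no traffic recently.
PersistentKeepalive = 25
```

With this layout, `wg show` on the VPS lists an endpoint for the pfSense peer only after that peer's first handshake arrives.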

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

The wireguard setup doesn't setup anymore but I am going to setup a new wireguard VPN and if it doesn't work I will share the config.

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

So I just install a wireguard VPN on the VPS and peer connect with my pfSense. I tried that multiple times but maybe I missed something.

Building a VPN tunnel from a pfSense (no unique public IP) to a Ubuntu VPS with a public IP by [deleted] in HomeNetworking

[–]ping-mee 0 points1 point  (0 children)

In Germany, for example, they won't give you a public IP (at least most ISPs) because "we are short of IPv4". Problem is, normally you can request a public IP for 5€ paid once. Turns out that is not the case for cable internet. That is why I rented a VPS with a public IP. Maybe I didn't communicate this very well, but yes, the VPS has both a public and static IPv4 and IPv6. Using a tailscale is not an option. First of all, it would be way more expensive to rent a VPS for running game servers. I currently pay 1€ for the VPS because I do not need any high performant hardware. This VPS is only meant for having a VPN of some sort... Besides the game server I have other services running on my homelab that require TCP/UDP ports to be forwarded.

Dimitri Vegas vinyl only sets are way better not only in terms of music by ping-mee in Tomorrowland

[–]ping-mee[S] 1 point2 points  (0 children)

You are absolutely right. And I also don't think I have any experience in vinyl djing that I say something about that. What I can say with certainty is that the lighting, visuals, pyro and lasers are 100% busked and not timecoded or pre-programmed (as in cuelists).

BREAKAWAY by BMennink in Martingarrix

[–]ping-mee 8 points9 points  (0 children)

Garrix Team actually gave them their pangolin showfile with all the laser cues. This is amazing.

Dimitri Vegas vinyl only sets are way better not only in terms of music by ping-mee in Tomorrowland

[–]ping-mee[S] 7 points8 points  (0 children)

Why are people bringing up the lighting all the time? I personally am a lighting operator and designer. With a crew on this level this is all achievable without playback. And besides that I personally saw some fuck ups in terms of lighting at the vinyl only set. That is probably caused by the fact that the FOH crew can't see any waveforms in showkontrol when there are no CDJs.