Connection timeout when trying to access from outside local network

I can ping the server and an nslookup resolves to the server IP correctly but whenever I try to connect from outside my network (over another wifi or 4G) the url just give a timeout. I checked the propagation and it is fine, I have domain and CNAME records on cloudflare for the subdomains and the ports are forwarded on the router. I cant find what's wrong with it.

This is my stack/compose:

version: '3'

services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
environment:
- CF_API_EMAIL=*************
# - CF_DNS_API_TOKEN=YOU_API_TOKEN
- CF_API_KEY=**********
# be sure to use the correct one depending on if you are using a token or key
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /home/pi/traefik/data/traefik.yml:/traefik.yml:ro
- /home/pi/traefik/data/acme.json:/acme.json
- /home/pi/traefik/data/config.yml:/config.yml:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(**.*******.xyz)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=:"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(**.*******.xyz)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik-secure.tls.domains[0].main=
***"
- "traefik.http.routers.traefik-secure.tls.domains[0].sans=.******"
- "traefik.http.routers.traefik-secure.service=api@internal"

networks:
proxy:
external: true

Here is my config.yml

http:
#region routers
routers:
pihole:
entryPoints:
- "https"
rule: "Host(***.***.******.xyz)"
middlewares:
- default-headers
- addprefix-pihole
- https-redirectscheme
tls: {}
service: pihole

pstore:
  entryPoints:
    - "https"
  rule: "Host(`***.***.******.xyz`)"
  middlewares:
    - default-headers
    - https-redirectscheme
  tls: {}
  service: pstore

services:
pihole:
loadBalancer:
servers:
- url: "http://192.168.1.20:8070"
passHostHeader: true

pstore:
  loadBalancer:
    servers:
      - url: "http://192.168.1.20:8081"
    passHostHeader: true    

middlewares:
addprefix-pihole:
addPrefix:
prefix: "/admin"
https-redirectscheme:
redirectScheme:
scheme: https
permanent: true
authelia:
forwardAuth:
address: "http://authelia:9091/api/verify?rd=https://..******.xyz"

default-headers:
  headers:
    frameDeny: true
    sslRedirect: true
    browserXssFilter: true
    contentTypeNosniff: true
    forceSTSHeader: true
    stsIncludeSubdomains: true
    stsPreload: true
    stsSeconds: 15552000
    customFrameOptionsValue: SAMEORIGIN
    customRequestHeaders:
      X-Forwarded-Proto: https


default-whitelist:
  ipWhiteList:
    sourceRange:
    - "10.0.0.0/8"
    - "192.168.0.0/16"
    - "172.16.0.0/12"

secured:
  chain:
    middlewares:
    #- default-whitelist
    - default-headers

And here is my traefik.yml

api:
dashboard: true
debug: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
serversTransport:
insecureSkipVerify: true
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: /config.yml
certificatesResolvers:
cloudflare:
acme:
email: *********
storage: acme.json
dnsChallenge:
provider: cloudflare
resolvers:
- "1.1.1.1:53"
- "1.0.0.1:53"
log:
level: debug

Can anyone help please?

Can anyone help please?

Hello @ahmedelakkad,

Can you access traefik from your local network ? If no, can you share the DEBUG logs ?

I can from all the devices on the local network. I found out that my ISP is blocking the ports up to 1024. Is there anyway in can setup Traefik on other ports than 80 and 443?

Yes, this is done when defining entrypoints : EntryPoints - Traefik

Thanks I will try it out

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.