Telegram Trigger: reserved IP address

I set up my n8n in Docker on a NAT VPS with IPv6 access. When I try running a Telegram Trigger node, I get the following error:

Telegram Trigger: Bad Request: bad webhook: IP address *[my ipv6]* is reserved

The server has Apache2 but it is turned off and disabled on boot, with port changed to 8080. I restarted the server after doing all that and I confirmed I can no longer access apache.

Thanks for your help!

Hi @heigbre,

It doesn’t look like a port error so I wouldn’t worry about Apache at the moment. A quick search online shows it is a fairly common error with Telegram webhooks and could be down to the library being used.

What version of n8n are you using and have you tried setting it to use an ipv4 / fqdn instead to see if it is just an ipv6 oddity.

Hey, @jon
Thanks for replying.

N8n version is 0.137.0

I honestly am not sure how to configure an ipv4 on this nat vps. My research also showed that maybe using letsencrypt for the certificate might be causing issues. But again, I don’t know how to set my own certificate to the n8n domain :sweat_smile:

I don’t think it is the cert either I am sure that is a different error message.

What is a NAT VPS? Is that a specific provider?

A NAT VPS is an IPv6-primary VPS with shared IPv4 access

I wonder if that has something to do with it then, if someone with the shared IP is already using it for a bot you will have issues.

Could be worth making sure you have all the environment options configured to use your domain and take it from there.

Who is the VPS provider?

Do you have n8n correctly configured to use a domain? If you are not sure, different question, if you click on “Webhook URLs” on the Telegram Trigger node, does it there display something like https://[SOME-IP like 127.0.0.1]/... or https://[SOME-DOMAIN like example.com]/...? Because it should be the latter.

Yes it is using the domain and the URLs are indeed starting with my subdomain. What I found, however, is that Telegram webhooks only use ipv4 and ipv6 is not supported per their documentations:

You’ll need a server that:

  • Supports IPv4, IPv6 is currently not supported for webhooks.

So there is that unfotrunately.

I am not sure if I might be able to get around it through, as the server actually does have domain forwarding to its internal ip and a shared ipv4 in the control panel.

Ok so here is what I am able to do so far:

  • add A record for my subdomain to the shared ipv4 of the VPS
  • add a domain forwarding rule (on cpanel) from that subdomain to the private local ipv4 on port 443

Now I am able to reach n8n from the subdomain directly using https, but the certificate says NET::ERR_CERT_AUTHORITY_INVALID

When trying to use the Telegram Trigger, I am not getting the ip reserved error anymore, but the webhook is not being registered.

1 Like

you will need to use a valid cert on the host if you are now using a subdomain eg. n8n.domain.com

you can use lets encrypt…

personally I use cloudflare teams to route all the traffic to my internal instance.

1 Like