Access internal service from lan over wan interface

I have two (in reality there are more, but for this case only two are relevant) subnets configured:

  • 192.168.0.0/24 (lan), and
  • 192.168.20.0/24 (vlan_20)

My openwrt router is on 192.168.0.1.

On 192.168.0.2 is a webserver, and I made a port forward from wan port 80 to 192.168.0.2:80.

This works fine: the domain mywonderfulwebserver.org resolves to the wan address, where openwrt is doing its thing, and so from the internet I can access my webserver.

It also works fine from lan: from a computer on 192.168.0.0/24, let's say 192.168.0.23, I can open mywonderfulwebserver.org (which resolves to the wan address of openwrt) in my browser and access the webserver on 192.168.0.2.

But it does not work from vlan_20: from a PC at 192.168.20.5, mywonderfulwebserver.org resolves to the wan address of openwrt, but then I get a connection refused. If I access 192.168.0.2 by IP it works, and I get a connection to the webserver.

I could use split dns, and make mywonderfulwebserver.org resolve to 192.168.0.2 from clients in the 192.168.20.0/24 subnet, but I would rather make it work without having it resolve to different ip addresses based on who is asking.

Can this somehow be done? Can I make vlan_20 work like lan for this?
What is blocking the connection from 192.168.20.5 -> wan address -> forward to 192.168.0.2?

In the advanced settings of the DNAT rule, there is a tab called Reflection zones (unspecified by default).

Using the drop-down menu, add all zones from which you want to access the service via the router's wan IP address.

Note that the option is not available in LuCI in older versions (22.03 and prior).
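The same setting in UCI form, as an added example that is not from this thread: the port forward before and after adding reflection zones, assuming the zones are named `lan`, `vlan_20` and `wan` and that `reflection_zone` defaults to the destination zone when unset.

```conf
# /etc/config/firewall (excerpt) -- added example, not from the thread.
# Assumed zone names: 'lan' (192.168.0.0/24), 'vlan_20' (192.168.20.0/24), 'wan'.
# The LuCI "Reflection zones" tab writes the 'reflection_zone' list below.

# BEFORE: plain port forward. NAT reflection (hairpin NAT) is on by default,
# but with no reflection_zone set it is only generated for the destination
# zone ('lan'). A client in vlan_20 connecting to <wan IP>:80 therefore hits
# the router itself instead of being forwarded to 192.168.0.2.
config redirect
	option name 'web-80'
	option target 'DNAT'
	option src 'wan'
	option src_dport '80'
	option dest 'lan'
	option dest_ip '192.168.0.2'
	option dest_port '80'
	option proto 'tcp'

# AFTER: list every zone whose clients should reach the service via the
# wan address. Each listed zone gets its own DNAT rule for <wan IP>:80 plus
# a source NAT so the server's replies return through the router
# (reflection_src 'internal' rewrites the source to the router's address in
# the destination network, 192.168.0.1 here; it is the default value).
config redirect
	option name 'web-80'
	option target 'DNAT'
	option src 'wan'
	option src_dport '80'
	option dest 'lan'
	option dest_ip '192.168.0.2'
	option dest_port '80'
	option proto 'tcp'
	option reflection '1'
	option reflection_src 'internal'
	list reflection_zone 'lan'
	list reflection_zone 'vlan_20'
```

After `/etc/init.d/firewall restart`, the generated rules can be inspected with `nft list ruleset` (fw4) to confirm a DNAT entry for 192.168.0.2:80 now exists for traffic arriving from vlan_20.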

