Ho to setup routing, firewall etc. for accessing my Nextcloud server from network guest?
My setup:
WAN --- openwrt router ----- lan --- Nextcloud server
|--------------- guest --- Nextcloud client
OpenWrt 22.03
internal networks lan (192.168.3.0/24) and guest (192.168.2.0/24)
Nextcloud server on lan (192.168.3.50)
server is accessable via. dyndns name like myserver.dyndnsserver.de
Nextcloud webserver is accessable via myserver.dyndnsserver.de/nextcloud. Access works if client is connected to lan (192.168.3) or completely outside my network e.g. from smartphone via cell.
Access does not work if client is connected to network guest (192.168.2)
Firefox shows message about self-certified certificate. The certificate is not the one i have certified but the one from the openwrt router.
If i accept the certificate in firefox, i get the message
Forbidden Rejected request from RFC1918 IP to public server address
make sure myserver.dyndnsserver.de resolves with the LAN IP of your Nextcloud webserver, when accessed from the LAN, currently it resolves with the WAN side IP of your router, since it's where your public FQDN/IP terminates.
What i do not realy understand is: For the client it should be possible to access any server in the internet, so also mine without any hole in the firewall between lan and guest.