Allowing access to LAN devices through WAN


Hope this is in the correct category, if not I would appreciate it if the admin(s) would move it.

I recently bought a device from a manufacturer called "Waveshare" and the model being "WS-431E".

Now I assume since a part of the URL to login to the web interface is "/cgi-bin/luci/" that it is running OpenWRT. I don't have SSH access to the device (checking with the manufacturer right now) but I'm attaching screenshots and according to me it looks like it.

Which version of OpenWRT? I am unsure, currently in the process of finding that out.

I'll start with general information about the setup (sorry, can't embed pictures since there is a limit to 1 embedded picture per post for a new user):

"Network" > "WAN":
My current "WAN_WIRED" config is as follows:

Protocol: Static address
IPv4 address: <from ISP>
IPv4 netmask: <from ISP>
IPv4 gateway: <from ISP>
IPv4 broadcast: <blank> (I've calculated this using the "IPv4 address" and "IPv4 netmask" so I have an address but unsure if I should enter it. I mean....sure for broadcast traffic but I only understand broadcast in terms of LAN and really don't understand it in terms of WAN)
Use custom DNS servers: (Google) (Cloudflare)

"Network" > "Diagnostics" and trying to ping "" from the router itself returns 5/5 packets received.
Same but doing a "nslookup" against "" returns:

Address 1: localhost
nslookup: can't resolve '': Name or service not known

Checking "LAN":

My current "LAN" config is as follows:
Common Configuration

General setup

Protocol: Static address

IPv4 address:
IPv4 netmask:
IPv4 gateway: <blank> (here I am guessing the GW should be "IPv4 address: <from ISP>" as configured under "WAN"?)
IPv4 broadcast: <blank> (here I am guessing the broadcast should be ""?)
Use custom DNS servers:

DHCP Server

General Setup

Ignore interface: Unchecked (Disable DHCP for this interface)
Start address: 100
Limit: 150
Leasetime: 12h

"Firewall" > "General settings":

"Firewall" > "Port Forwards":

"Firewall" > "Traffic Rules":

Questions (other the comments above):

  1. My "WAN_WIRED (eth0)" is showing red?
    When I tried this router with a prepaid mobile broadband ("4G") SIM the WAN-interface "WAN_4G" lit up green without any further configuration. As of now I am only using a wired ethernet connection and the SIM-card is removed and that is why "WAN_4G" is red and "blank".

  2. I am able to reach the web interface of the router which runs on 8080 by accessing the external ip of the router on port 80 but I am not able to reach port 80 on LAN device when accessing the external IP of the router on port 81. Specifying :81 returns "ERR_CONNECTION_TIMED_OUT" wheras :80 (or simply using "http") returns the login page to the router.

Appreciate your time regardless for reading this :slight_smile:

Best Regards / TheSwede86

This device is not supported by OpenWrt.

Chances are that this is a highly modified vendor firmware that is based on OpenWrt, but is not actually the same as what you see from the official project.

Therefore, you'll need to ask your questions to the vendor/manfuacturer, or the support forums that specifically deal with this device.

1 Like
  • Since OpenWrt isn't an OEM, that's highly unlikely
  • Red in OpenWrt means that the interface is assigned to the WAN Firewall Zone
  • Green means LAN firewall zone
    • on another OEM's firmware colors - unknown

This description sounds nothing like OpenWrt, the web GUI is not accessible from WAN by default.

1 Like