Cannot connect to server form inside LAN

My router is set up as 192.168.2.1 and my LAN is 192.168.2.0/24. I have a single MineCraft server on the LAN as 10.10.2.2. I have configured the Network and the Firewall in OpenWRT so that I can ping it and can even connect to it to manage it.
I can ping from the network:

$ ping 10.10.2.2
PING 10.10.2.2 (10.10.2.2) 56(84) bytes of data.
64 bytes from 10.10.2.2: icmp_seq=1 ttl=62 time=7.99 ms
64 bytes from 10.10.2.2: icmp_seq=2 ttl=62 time=7.60 ms

I can ping even the minecraft port

$ ping 10.10.2.2 -p 25565
PATTERN: 0x255605
PING 10.10.2.2 (10.10.2.2) 56(84) bytes of data.
64 bytes from 10.10.2.2: icmp_seq=1 ttl=63 time=0.782 ms

But when I try to connect form Minecraft. I get 'connection timed out'.

If I connect to the management page on port 8443 from a browser, I can log in and manage it. I just cannot connect to it from the game. What do I need to change to get this to work. It did at one time and I don't "think" I changed anything.
image

It appears that you have not assigned the Minecraft network to a firewall zone. Try assigning it to the lan zone and see if that solves your issue.

Can you post your network and firewall configuration files, please?

Minecraft and lan interfaces are overlapping on br-lan. Is there a particular reason you have done it like this?
From which client host are you trying to connect?

Use ssh to connect to the device.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru
2 Likes

I will check this tonight when I get back home and post the results.

I set up the router like this so I could have a separate subnet just for the Minecraft server. Maybe I did not do it 'correctly', but I wanted to be able to easily set a time based firewall rule to preclude any LAN addresses from being able to connect to it. I am not running DHCP and there is only the server at 10.10.2.2 and the interface in OpenWRT at 10.10.2.1
It worked at first. I could configure via the web interface and also could connect to the server from the app running on multiple machines in the 192.168.2.x network to the 10.10.2.2 server. It quit working after a few OpenWRT upgrades. My guess is I did not have it properly configured and the only reason it worked was due to some other error. I am interested in 'the right way' to do this.