I am new to OpenWrt. I have managed to install it on a Linksys WRT 1200ac. I've configured the connection to my ISP and the wireless network. I've figured out almost everything, except the following:
I need to access a web app hosted on a Raspberry Pi inside my LAN, using a Duckdns domain name and a specific port, from both outside and inside of my network. For this, I've created a rule in Network > Firewall > Port Forwards. (Source zone: wan; External port:8123; Destination zone: lan; Internal IP address: 192.168.1.156 (Raspberry Pi); Internal port:8123). I am able to connect from outside the LAN using the Duckdns URL, but not from the inside (ERR_CONNECTION_REFUSED).
I've unchecked the " Discard upstream responses containing [RFC1918] addresses" option in Network > DHCP & DNS > General Settings
I've unchecked the "Do not forward reverse lookups for local networks." option in Network > DHCP & DNS > Advanced Setting
I've added the Duckdns hostname in Network > DHCP & DNS > Hostnames
Hi! Thanks for your reply! If I ping for example the Duckdns URL from inside my network it will ping the external IP, which is ok.
If I put the Duckdns URL with no port I can access the OpenWRT web interface. Only when I put the port I get the ERR_CONNECTION_REFUSED in the browser.
Initially, in the Hostnames, I added the public IP. After reading your reply I changed it to the internal IP of my Raspberry Pi and it's working! Thank you!
I thought that the Duckdns needs to be associated with the router and then it will forward the request to the local machine based on the forwarding rules. Is it possible to use the same Duckdns subdomain to access a different internal machine (on a different port)?
From WAN, yes, just forward different ports to different local IPs and/or ports.
On LAN, not as easy, since the traffic isn't passing any router/firewall, where you can control where it's going.
I don't use luci that much, but on my router I do:
/etc/config/dhcp:
config dnsmasq
list address '/mydomain.dyndns.org/192.168.1.15'
And it works to have mydomain.dyndns.org resolve to 192.168.1.15 for any LAN client.
For the ports, I don't remember the details, but the fakeinternet package has a few FW rules to help route specific domains to a different IP and then request to that IP forwarded to a specific port on the router's IP. Maybe you can use something similar.