Firewall / Port Forwarding Question

Background

I have a Sunpower solar panel system and the application doesn't let me get detailed information on the per-panel production - however - there is a LAN port on the box so I've taken a travel router TPLINK WR902ACv3 - put OpenWRT on it and I've joined it to my network.

My goal is to set up port forwarding so I can hit the router at: 192.168.1.77:8080 and have that forward to 172.27.153.1:80

I am currently able to ssh into the router and do a

curl -v 172.27.153.1

And it works fine - however if I try to use the forwarded ports:

from a different machine

curl -v 192.168.1.77:8080

I end up with a request timed out.

Here is what my Forwarding/Firewall settings look like.

I'm wondering if the firewall to reject all WAN stuff is breaking things - or what I may have done incorrectly.

Thanks!

WAN IP: 192.168.1.77
LAN IP: 172.27.153.10
Lan Target: 172.27.153.1

So if I do a

uci show firewall

the last rule is:

firewall.@redirect[2].src='wan'
firewall.@redirect[2].src_dport='8080'
firewall.@redirect[2].dest='lan'
firewall.@redirect[2].dest_port='80'
firewall.@redirect[2].dest_ip='172.27.153.1'

The redirect is correct, but it seems to me that the box doesn't have a default route and doesn't know where to send the replies. In this case you'll need to add a SNAT:

uci add firewall nat
# SNAT is applied after the redirect has rewritten the destination, so match port 80, not 8080
uci set firewall.@nat[-1].dest_port='80'
uci set firewall.@nat[-1].src='lan'
uci set firewall.@nat[-1].name='test'
uci set firewall.@nat[-1].target='SNAT'
uci set firewall.@nat[-1].dest_ip='172.27.153.1'
uci set firewall.@nat[-1].snat_ip='172.27.153.10'
uci add_list firewall.@nat[-1].proto='tcp'
uci commit firewall
service firewall restart
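A check for the situation in this thread, as an added example that is not part of the original posts: it parses `uci show firewall` output and reports any port forward whose outbound zone has neither masquerading nor an SNAT rule matching the forwarded (post-DNAT) address and port. The function names `check_snat` and `sample` and the sample configuration are constructed for illustration.

```shell
# Added example (not from the thread). Reads `uci show firewall` on stdin and
# flags port forwards whose packets reach the target with the client's address.
check_snat() {
    awk -F= -v q="'" '
    {
        gsub(q, "", $2)                       # uci quotes every value
        n = split($1, p, "[.]")               # firewall.<section>[.<option>]
        if (n == 2) type[p[2]] = $2           # e.g. @redirect[2]=redirect
        if (n == 3) opt[p[2], p[3]] = $2
    }
    END {
        bad = 0
        for (r in type) {
            if (type[r] != "redirect") continue
            if (opt[r, "target"] != "" && opt[r, "target"] != "DNAT") continue
            zone = opt[r, "dest"]; ip = opt[r, "dest_ip"]
            port = opt[r, "dest_port"]
            if (port == "") port = opt[r, "src_dport"]   # port left unchanged
            ok = 0
            for (s in type) {
                # Masquerading on the outbound zone rewrites the source too.
                if (type[s] == "zone" && opt[s, "name"] == zone &&
                    opt[s, "masq"] == "1") ok = 1
                if (type[s] != "nat" || opt[s, "target"] != "SNAT") continue
                if (opt[s, "src"] != zone) continue      # nat src = outbound zone
                if (opt[s, "dest_ip"] != "" && opt[s, "dest_ip"] != ip) continue
                # SNAT runs after DNAT, so compare against the rewritten port.
                if (opt[s, "dest_port"] != "" && opt[s, "dest_port"] != port) continue
                ok = 1
            }
            res = ok ? "ok" : "missing-snat"
            print res " " ip ":" port
            if (!ok) bad = 1
        }
        exit bad
    }'
}

# Constructed sample: the forward from this thread plus an SNAT rule whose
# dest_port is given as $1.
sample() {
    printf "%s\n" "firewall.@redirect[0]=redirect" \
        "firewall.@redirect[0].src='wan'" "firewall.@redirect[0].src_dport='8080'" \
        "firewall.@redirect[0].dest='lan'" "firewall.@redirect[0].dest_port='80'" \
        "firewall.@redirect[0].dest_ip='172.27.153.1'" \
        "firewall.@nat[0]=nat" "firewall.@nat[0].src='lan'" \
        "firewall.@nat[0].target='SNAT'" "firewall.@nat[0].dest_ip='172.27.153.1'" \
        "firewall.@nat[0].snat_ip='172.27.153.10'" "firewall.@nat[0].dest_port='$1'"
}
```

On the router itself the input would come from `uci show firewall | check_snat`; a non-zero exit status means at least one forward has no source rewrite.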