I want to forward (temporarily) all my traffic from one IP to a destination IP in a different network on the same OpenWrt router (TP-Link Archer C7 v5).
10.5.20.20 => 10.5.1.99
My "lan" network 10.5.1.1
My "Iot_zone" network 10.5.20.1
I tried this firewall rule, but even a ping is not working:
> config nat
>     option src_ip '10.5.20.20'
>     option dest_ip '10.5.1.99'
>     option name 'HAOS_NAT'
>     option target 'ACCEPT'
>     list proto 'all'
>
> config forwarding
>     option dest 'iot_zone'
>     option src 'lan'
It is not clear what you want to achieve.
If you want to forward all traffic destined to 10.5.20.20 into 10.5.1.99 then you need a DNAT.
uci add firewall redirect
uci set firewall.@redirect[-1].dest='lan'
uci set firewall.@redirect[-1].src='iot_zone'
uci set firewall.@redirect[-1].target='DNAT'
uci set firewall.@redirect[-1].name='test'
uci add_list firewall.@redirect[-1].proto='all'
uci set firewall.@redirect[-1].src_dip='10.5.20.20'
uci set firewall.@redirect[-1].dest_ip='10.5.1.99'
uci set firewall.@redirect[-1].reflection='0'
uci commit firewall
service firewall restart
If this is not what you want to do, explain it more clearly.
Hey, thanks for your response. Yes, that is exactly what I'm looking for:
I wanted to forward all traffic destined to 10.5.20.20 into 10.5.1.99
I did not know that DNAT has been placed under port forwarding in LuCI, but the firewall config file looks easy to understand.
But it is not really working, unfortunately:
The DNAT is not working for devices in the same network (IOT 10.5.20.1/24).
But it is working for devices which are in a different network.
I guess messages within the same network are not really being routed (even for WiFi devices).
So this firewall rule cannot work in this case, unfortunately.
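
The behaviour reported in the last post can be reproduced on paper. The following is an added example, not part of the thread: it decides whether a client's packet to the matched address is routed (and so reaches the router's DNAT rule) or delivered on-link at layer 2. The /24 prefix and 10.5.20.20 come from the thread; the client addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): does a packet from CLIENT to the
# DNAT-matched address pass through the router's NAT hooks at all?

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Network address (as an integer) of IP $1 under prefix length $2.
network_of() {
    ip=$(ip2int "$1")
    mask=$(( (0xFFFFFFFF << (32 - $2)) & 0xFFFFFFFF ))
    echo $(( ip & mask ))
}

# path_for CLIENT MATCHED_IP PREFIXLEN
# "on-link": both addresses share a subnet, so the client ARPs for the
#            address directly and the frame is switched/bridged; the
#            router's DNAT rule is never consulted.
# "routed":  the client sends the packet to its gateway, where the
#            redirect rule can rewrite the destination.
path_for() {
    if [ "$(network_of "$1" "$3")" -eq "$(network_of "$2" "$3")" ]; then
        echo on-link
    else
        echo routed
    fi
}

# 10.5.20.20 and /24 are from the thread; the two clients are constructed.
MATCHED_IP=10.5.20.20
for client in 10.5.20.35 10.5.1.50; do
    echo "$client -> $MATCHED_IP: $(path_for "$client" "$MATCHED_IP" 24)"
done
```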