Hi,
My router runs OpenWRT, and I have multiple networks configured in OpenWRT (ending in different VLANs): wan (PPPoE), lan (for end-users) and lanserver (for the server and its VMs). Multiple websites are running on the server. They are also exposed to WAN with the following config:
A dyndns service running on the server (10.1.4.3) sets the public IPv4 address of the wan network in DNS. When the end-users in the lan-net try to access one of the websites running on the server, the traffic only goes to the OpenWRT router but is not forwarded. I know that I've not configured it, so what's happening is correct with the currently set rules. But I don't know how to forward the traffic to the server. Maybe you can help me with this.
Hi,
thank you. For me the second option is really complicated, but I tried the first option again. Now it's working. I think I also tried this before, but it seems like I did something wrong.
Yesterday it worked, but I tried this again now (the only thing I did in between was restarting the firewall once) and now it's not working. The current config is the following block:
I misunderstood the reflection setting in fw3. It only added the reflection in the lanserver-net. Now I have added the following custom rules (which are re-applied on reload of the firewall):
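```
# Load the OpenWRT network helper functions
source /lib/functions/network.sh
# Store the current IPv4 address of the wan interface in $wan
network_get_ipaddr wan wan
# Reflection for the lan zone: DNAT traffic sent to the public address on tcp/80 and tcp/443 to the server
iptables -t nat -A zone_lan_prerouting -d $wan/32 -p tcp -m tcp --dport 80 -m comment --comment "fw3_firewall_user: Port Forward http lan (reflection)" -j DNAT --to-destination 10.1.4.3:80
iptables -t nat -A zone_lan_prerouting -d $wan/32 -p tcp -m tcp --dport 443 -m comment --comment "fw3_firewall_user: Port Forward https lan (reflection)" -j DNAT --to-destination 10.1.4.3:443
```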
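Added example (not part of the original posts): a dry-run generator for the lan-zone reflection rules above that validates the WAN address, the server address and every port before it prints any iptables command, so an empty `$wan` (for example while PPPoE has no address) cannot produce a malformed `-d /32` rule. The helper names `is_ipv4` and `gen_reflection_rules` and the sample WAN address 203.0.113.7 are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. is_ipv4 and gen_reflection_rules
# are hypothetical helper names.

is_ipv4() {
    # Dotted quad only, every octet 0-255.
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

gen_reflection_rules() {
    # $1 = WAN IPv4, $2 = internal server IPv4, remaining arguments = TCP ports.
    [ "$#" -ge 3 ] || { echo "usage: gen_reflection_rules WAN SERVER PORT..." >&2; return 1; }
    wan_ip=$1; server=$2
    shift 2
    is_ipv4 "$wan_ip" || { echo "invalid WAN address: '$wan_ip'" >&2; return 1; }
    is_ipv4 "$server" || { echo "invalid server address: '$server'" >&2; return 1; }
    # Validate every port first so a bad entry never yields a partial rule set.
    for port in "$@"; do
        case $port in
            ''|*[!0-9]*) echo "invalid port: '$port'" >&2; return 1 ;;
        esac
        { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } ||
            { echo "invalid port: '$port'" >&2; return 1; }
    done
    # Print one DNAT rule per port for the lan zone's prerouting chain.
    for port in "$@"; do
        echo "iptables -t nat -A zone_lan_prerouting -d $wan_ip/32 -p tcp -m tcp --dport $port -m comment --comment \"lan reflection tcp/$port\" -j DNAT --to-destination $server:$port"
    done
}

# Constructed demo: 203.0.113.7 is a documentation address standing in for the WAN IP.
# On the router the input would come from: network_get_ipaddr wan wan
gen_reflection_rules 203.0.113.7 10.1.4.3 80 443
```

The function only prints the commands; review the output before piping it to `sh` from the firewall's custom rules.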