GUI only: Manage LuCI from WAN with DDNS as source

OpenWrt Noob here. I am only interested in a solution doable in LuCI.

So I am thinking about using OpenWrt as a VM on a remote VPS with Proxmox and making OpenWrt the Exposed Host there.

And for that I want to make OpenWrt accessible from WAN but only for some IPs and my DDNS-address from Home. Can I do the latter in LuCI? I tried to make an IPSet in DHCP and DNS but I can't tell if I succeeded and I don't know how the rule must look like.
A regular rule with some IPs (not IPset) is working fine.

Setup a WireGuard server for access which is safe and easy.

Exposing Luci to the internet, especially using http, even when restricted to some IP addresses is not the most safe way to get access

To be clear, ipset is configured in firewall, not DHCP/DNS.

I created the ipset in firewall first and then in DNS, doesn't work either.

Still hoping someone is able and willing to help here.

Have you replaced the dnsmasq package with dnsmasq-full?

Network->DHCP and DNS->IP Sets

Network->Firewall->IP Sets (use the same set name)

Network->Firewall->Traffic Rules

image773×470 47 KB

System->Scheduled Tasks

System->System->Logging - Change Cron Log Level to Warning to avoid flooding the logs.

Unfortunately, if it doesn't work, you'll need to access the CLI for debugging purposes...

Thank you for the complete guide, it is working finally.

It is rather tricky I have to say. I want a GUI for my firewall but I am not sure if I save any time with OpenWRT.
I am using *Sense but it is to hungry for my cheapo VPS.

[quote="pavelgl, post:5, topic:205069, full:true"]
Have you replaced the dnsmasq package with dnsmasq-full?[/quote]
No.[/quote]

[quote="pavelgl, post:5, topic:205069, full:true"]
Unfortunately, if it doesn't work, you'll need to access the CLI for debugging purposes...
[/quote]And that is what I want to avoid. But it might be unavoidable.
Thanks again!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.