You haven’t provided any information for us to help.
Https isn’t working for what? Connecting to the router itself? Connecting to websites on internet?
What happens? And from where are you connecting? What device, operating system and browser are you using? Have you tried others?
And let’s see your config:
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/firewall
cat /etc/config/uhttpd
2 Likes
Are you using OpenWrt?
Or some "based on OpenWrt" firmware?
1 Like
sorry,it's immortalwrt,from openwrt
Connecting to the router.
root@ImmortalWrt:~# ubus call system board
{
"kernel": "6.6.67",
"hostname": "ImmortalWrt",
"system": "Intel(R) N100",
"model": "Microsoft Corporation Virtual Machine",
"board_name": "microsoft-corporation-virtual-machine",
"rootfs_type": "ext4",
"release": {
"distribution": "ImmortalWrt",
"version": "24.10.0-rc3",
"revision": "r32584-afde822cf7f9",
"target": "x86/64",
"description": "ImmortalWrt 24.10.0-rc3 r32584-afde822cf7f9",
"builddate": "1735200175"
}
}
root@ImmortalWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd7f:9c36:3f20::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
list ports 'eth2'
list ports 'eth3'
list ports 'eth4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option ip6assign '60'
list dns '223.5.5.5'
list dns '1.0.0.1'
list dns '119.29.29.29'
config interface 'wan'
option device 'eth1'
option proto 'pppoe'
option username '18377591264'
option password '127672'
option ipv6 'auto'
config interface 'wan6'
option device 'eth1'
option proto 'dhcpv6'
config interface 'gm'
option proto 'dhcp'
option device 'eth1'
config interface 'wg'
option proto 'wireguard'
option private_key 'iDtXCBMEcw9TE8+j0ll+iPJnymCKrBNE2x8mf1Vcfk4='
option listen_port '9999'
list addresses '10.0.0.1/24'
list dns '223.5.5.5'
list dns '1.0.0.1'
list dns '2400:3200::1'
list dns '2606:4700:4700::1111'
config wireguard_wg
option description 'phone'
option public_key 'KnXCFvZ3W6lRbPzkAJ8+ZOPeyWb3QENcoXyQIY7bizQ='
option private_key 'wLv6/vV4vDnRCjwYxZXNQRRYQ240/nYn/GfRKkplEXk='
list allowed_ips '10.0.0.2/24'
option route_allowed_ips '1'
option endpoint_port '9999'
option persistent_keepalive '25'
option endpoint_host 'ling0.v6.navy'
config interface 'zero'
option proto 'static'
option device 'ztqu3k6d36'
option ipaddr '192.168.193.3'
option netmask '255.255.255.0'
list ip6addr 'fcb1:2183:4af9:4756:5eb1::1'
config wireguard_wg
option description 'pc1'
option public_key 'OaicJOSsTBRPCQJRWDGOoS5fUCzROluEWVlsH7anvyU='
option private_key '6O7IzPKL8Xt5YIy4J75u/7UQcHtoBo+Nw79KKWo7SXY='
list allowed_ips '10.0.0.3/24'
option route_allowed_ips '1'
option endpoint_port '9999'
option persistent_keepalive '25'
root@ImmortalWrt:~# cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option flow_offloading '1'
option flow_offloading_hw '1'
option fullcone '1'
option auto_includes '1'
option synflood_protect '1'
option fullcone6 '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
list network 'wg'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'wg'
option src_port '9999'
option dest_port '9999'
option target 'ACCEPT'
option family 'ipv6'
option dest '*'
option src '*'
config zone
option name 'zero'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
list network 'zero'
config forwarding
option src 'zero'
option dest 'lan'
config forwarding
option src 'lan'
option dest 'zero'
config rule
option name 'zero'
option src_port '9993'
option dest '*'
option dest_port '9993'
option target 'ACCEPT'
option src '*'
option family 'ipv6'
config rule
option name 'ddns'
option src_port '80 443 8080'
option dest '*'
option dest_port '80 443 8080'
option target 'ACCEPT'
option enabled '0'
config include 'passwall'
option type 'script'
option path '/var/etc/passwall.include'
option reload '1'
config include 'passwall_server'
option type 'script'
option path '/var/etc/passwall_server.include'
option reload '1'
root@ImmortalWrt:~# cat /etc/config/uhttpd
config uhttpd 'main'
list listen_http '0.0.0.0:80'
list listen_http '[::]:80'
list listen_https '0.0.0.0:443'
list listen_https '[::]:443'
option redirect_https '1'
option home '/www'
option rfc1918_filter '1'
option max_requests '50'
option max_connections '100'
option cert '/etc/uhttpd.crt'
option key '/etc/uhttpd.key'
option cgi_prefix '/cgi-bin'
list lua_prefix '/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua'
option script_timeout '60'
option network_timeout '30'
option http_keepalive '20'
option tcp_keepalive '1'
option ubus_prefix '/ubus'
config cert 'defaults'
option days '730'
option key_type 'ec'
option bits '256'
option ec_curve 'P-256'
option country 'ZZ'
option state 'Somewhere'
option location 'Unknown'
option commonname 'ImmortalWrt'
Immortal wrt is not from Openwrt. It is an entirely separate project with a different team that took OpenWrt and made a substantially different fork.
It appears you are using firmware that is not from the official OpenWrt project.
When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.
You may find that the best options are:
- Install an official version of OpenWrt, if your device is supported (see https://firmware-selector.openwrt.org).
- Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
- Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).
If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.
2 Likes
sorry ,and thanks