Hi
I installed a openwrt 19.0.7 as main router at home. I have a small server exposing ports 80 and 443. This works fine.
My internal server is set to redirect all http request to https port, that worked fine with my previous router (from the internet company).
Now I have added the Port forward rules in openwrt but when try to access to the http site I am having an error "Client sent an HTTP request to an HTTPS server". If I type in the address bar https:// then it works fine
I think is related with some fw rules since I can overwrite the address in my host file and locally the redirection works as before, but not going via the openwrt fw.
I just have this rules and the default ones in openwrt:
root@Router:~# uci show firewall
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan lan2'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].network='wan'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-IPSec-ESP'
firewall.@rule[3].src='wan'
firewall.@rule[3].dest='lan'
firewall.@rule[3].proto='esp'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-ISAKMP'
firewall.@rule[4].src='wan'
firewall.@rule[4].dest='lan'
firewall.@rule[4].dest_port='500'
firewall.@rule[4].proto='udp'
firewall.@rule[4].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@redirect[0]=redirect
firewall.@redirect[0].dest_port='443'
firewall.@redirect[0].src='wan'
firewall.@redirect[0].name='HTTPS'
firewall.@redirect[0].src_dport='443'
firewall.@redirect[0].target='DNAT'
firewall.@redirect[0].dest_ip='192.168.1.11'
firewall.@redirect[0].dest='lan'
firewall.@redirect[1]=redirect
firewall.@redirect[1].dest_port='443'
firewall.@redirect[1].src='wan'
firewall.@redirect[1].name='HTTP'
firewall.@redirect[1].src_dport='80'
firewall.@redirect[1].target='DNAT'
firewall.@redirect[1].dest_ip='192.168.1.11'
firewall.@redirect[1].dest='lan'
firewall.@redirect[1].proto='tcp'
Thanks a lot.