No Luci/SSH after sys upgrade and restore

I have two AX3600 routers where the secondary is connected with wireless bridge mode.
Main router has management IP 192.168.254.1 and secondary 192.168.254.2. Today I tried to upgrade the second router and before doing this, took a backup of the system in Luci.

After the sysupgrade both Luci and SSH didn't connect anymore over 192.168.254.2. Luci makes sense as it was a snapshot upgrade but SSH got me puzzled. I reset the device, got connected over SSH and restored the config... again the same issue. Then I flashed back the previous openWRT version and restored the config, still no SSH. Meanwhile the router/bridge is working fine, I just can't manage the device anymore.

Pinging 192.168.254.2 returns: Destination port unreachable

network config:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd43:2b22:bf23::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'wan'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.254.2'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option gateway '192.168.254.1'
	list dns '45.90.28.191'
	list dns '45.90.30.191'

firewall config:

config defaults
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

I'm quite new to openWRT so not sure if I'm doing something wrong here?

but maybe I'm wrong

I assume you have reverted to a source state your ip address should be:

192.168.1.1

direct ethernet connection between your pc and the secondary router

to check this you need to change your current ip address on your pc to something like 192.168.1.60 and try pinging
192.168.1.1

Yeah I can reset and SSH to 192.168.1.1 then install Luci and do a config restore but after that Luci/SSH is not working anymore while the config (bridge setup etc) is working fine otherwise.

I did not understand ...

What address does the secondary router currently have?

how was it configured?

how would you like to configure it?

please post current config

cat /etc/config/network

I fixed this problem a while ago by re-flashing the factory image, which was a pain in the butt. (back to stock and tftp factory image). After that I could restore and everything worked again.

Treat this as a last resort option if everything fails

1. The secondary should have IP 192.168.254.2, like before.
2. It was configured by restoring the working config after doing a full reset of the device.
3. I want it behave like it used to do and it does with the exception that I can't connect to Luci/SSH anymore.
4. In my initial post you can find the network and firewall config that is part of the backup that I restored. Can't do cat as I can't connect.

1. reinstall openwrt
   https://firmware-selector.openwrt.org/?version=23.05.0-rc2&target=ipq807x%2Fgeneric&id=xiaomi_ax3600
2. install relayd package
3. disable firewalls
4. disable dhcp
5. restore from backup only:
   /etc/config/network
   /etc/config/wireless
6. reboot secondary router
7. re-change your lan connect

suppose:

from this document:
Disable DHCP for the LAN interface (as it does prevent relayd from working). Click Save.
Removing redundant WAN interface and firewall zones (Optional)
Installing relayd package

Just make sure that your PC has the IP address from the same subnet as your router, at any given moment.

It can be tricky when you change the subnet of the router from 192.168.1.x to 192.168.254.x

Restoring config should fully work. But only if the backup is made from the same OpenWrt major version release as the new firmware. Restoring a backup made from 21.02 into a new 23.05 may be problematic etc. (but even that mostly works. but there can be config changes rendering incompatibility for some routers)

Thanks, this is something I can test this weekend.