Not able to ping wan IP

SyedAhmedMohiuddinPe · September 25, 2020, 1:58pm

             upstream_router
              /           \
  other_machine          openwrt_router
  172.22.2.101           wan_IP: 172.22.2.100

I'm not able to ping OpenWRT router(172.22.2.100) from 172.22.2.101
below is the section I added in my firewall file

config rule 'icmp_wan_0'
    option  src  'wan_0'
    option  target  'ACCEPT'
    option  proto  'icmp'

below is the interface configuration in the network file

config interface 'wan_0'
    option  ifname  'eth1'
    option  proto  'dhcp'
    option  disabled  '0'

mk24 · September 25, 2020, 2:09pm

By default, OpenWrt will answer pings on the wan interface. This is enabled by this rule:

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

In the firewall config file, option src is a firewall zone name, not an interface name. When you create new interfaces you need to either include them in an existing zone or create a new zone for them. The default configuration includes an interface named wan and a zone named wan but these are not the same thing.

It is also possible that the "upstream router" is blocking these pings.

trendy · September 25, 2020, 2:40pm

Without looking at the whole network and firewall files, I can presume that you created a new wan_0 interface and a wan_0 firewall zone for that, but didn't allow pings.
The scenario which you describe works out of the box.

SyedAhmedMohiuddinPe · September 25, 2020, 2:45pm

It worked after changing to zone name from the interface name. Thanks. Thanks a lot.

system · October 5, 2020, 2:45pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.