Port forwarding inside LAN

Hello all,
I have the NAS with Open Media Vault and Nextcloud in my local network ( Nextcloud is using ports 444 for https and 81 for http. In order to access nextcloud from the internet I got domain (domain.name), add my external IP to public DNS, configured port forwarding on OpenWRT from WAN 80 => and WAN 443 => It works both from the internet and my local network.
In order to make transfers faster in case of using my local network I want to route all local traffic from domain.name to Is there any way to route all traffic from my LAN with destination "https://domain.name(:443)" to ""?

I tried to add to /etc/hosts line with "domain.name". Currently it works only if I specify port in the browser like "https://domain.name:444/nextcloud/apps/files/", but this is not a desirable behavior.
Also I tried to make rules for LAN to LAN port forwarding:

uci add firewall redirect # =cfg113837
uci set firewall.@redirect[-1].dest_port='444'
uci set firewall.@redirect[-1].src='lan'
uci set firewall.@redirect[-1].name='nextcloud_local'
uci set firewall.@redirect[-1].src_dip=''
uci set firewall.@redirect[-1].src_dport='443'
uci set firewall.@redirect[-1].dest_ip=''
uci set firewall.@redirect[-1].dest_port='444'
uci set firewall.@redirect[-1].dest='lan'
uci set firewall.@redirect[-1].target='DNAT'

but it also didn't work. any ideas?

If you want to bypass the router then you have to add the port forwarding or change ports on the NAS.

So this is my question - how to do port forwarding inside LAN? I showed my configuration for the port forwarding in the initial message and it doesn't work

Traffic between two LAN devices does not reach the router's CPU, no firewall rules can do what you need.


Any idea how it can be done?

Lookup the documentation for the content server and apply a port rewrite (443 -> 444) directive.

1 Like

So there is no way to make it possible using OpenWRT, it should be done from server ( side?

This requires the server to listen to 443 already, or to redirect with iptables on the server.

1 Like

OpenWrt is just the name of the distro. Do you mean LuCI? There is a package luci-app-uhttpd

Description: uHTTPd Webserver Configuration

that may help, if you are using uHTTPd

Saying OpenWRT I mean the router. How a webserver on the router will help me to resolve the issue?

If both devices are in the same lan (192.168.1.X) then they can communicate directly without passing traffic through OpenWrt.
If you need to enforce some policies, you'll need to either do it on the web server or move the server to a different firewall zone.

1 Like

My bad, I missed the part that the web content server is running on the NAS instance and not the router...

What @anon45274024 says is technically possible, but it requires a web server on the router which is capable to rewrite and redirect the packets.
For example.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.