Port Forwarding without PBR entry : No Route to Host

Hello !

I am writing this post to share my experience. My problem is related to pbr, similar to this one and the solution worked well.

But the symptoms were different. I got an error : No route to host

I am creathig this topic for less experienced users like me. Hopefully the search engine will direct them here. Here is my story ....

I have the Policy Based Routing Service installed on my BT Home Hub 5A running OpenWRT 22.03.2. My normal br-lan traffic is routed through a wireguard vpn. The default outgoing port is wan. Guest wifi br-guest is routed through an openvpn device tun0. This arrangement works very well.

I had a problem while accessing one of my lan-client laptops from outside. To issue ssh access to the lan-client laptop, I opened an obscure wan port and port-forwarded it to the lan-client laptop. The linkage worked well, I could see the relevant traffic in tcpdump. However, the ssh-client ( = my phone connected over mobile data ) reported : No route to host.

So I stopped the pbr service and my phone connected. This served as a temporary workaround. Whereas I was looking for a permanant solution to connect the ssh without interrupting the pbr service. I found the above topic at the right time.

The solution is same as stangri stated. Accordingly I inserted a policy entry with lan-client laptop's ssh port specifically routed through wan.

The learning point for me is : If pbr service is running and a port forward is configured, it must match with a reciprocating pbr rule.

The solution needs wan to be the default gateway. Is it this option?

LuCI --> Services --> PBR --> Advanced Configuration --> Default ICMP Interface

If not, I would request pbr author stangri ( am I right? ) to add a field that explicitly assigns a default gateway.

Thank you for reading my ( success ) story!