I have configured port forwarding from ip 192.168.120.124 with port 5774 to ip_public_158 with port 5774, the problem I get is when a client from the same ip segment (or under the openwrt router) accesses the domain from ip_public_158 with port 5774 it can't, while access from outside the router can.
Arch : x86/64
firmware : 22.03.2 r19803-9a599fee93 / LuCI openwrt-22.03 branch git-23.093.57104-ce20b4a
ip_public_158 (103.x.x.x with domain)
loadbalance (wan & wan_2)
lan ip (192.168.120.0/24)
I have the following topology this one
config port forwarding
while access on same ip segment with domain ip_public_158
while access outside router with domain ip_public_158
if they're on the same subnet, the traffic isn't going via the firewall.
but client access web using domain on ip_public_158..
if i access directly using ip 192.168.120.124:5774, ya it can. the problem is, user cannot access port 5774 on ip_public_158 while same subnet or under router openwrt
then you need to make sure your FQDN resolves to 192.168.120.124 when queried from within the network.
FQDN only use for domain openwrt.
already query when access only domain without port.
user when under router or outside router
apk.xx.id to openwrt
apk.xx.id:5774 to web 192.168.120.124
while access on same ip segment with domain ip_public_158 to port 5774
while access outside router with domain ip_public_158 to port 5774
you might want to reread my answers, and understand them ...
if you have a port redirection done in the fw, it won't work for the internal traffic.
because of Problem when using port forwarding on openwrt while client same ip segment - #2 by frollic
not if the traffic is internal.
so how to fix that?, using
reflection=1 still can't
same.. and user on outside cannot access
what "same" ?
the change you just made have nothing to do with the external access.
Are you sure the firewall on the machine hosting the website is configured to allow the traffic? Can you turn it off temporarily?
oh my bad, i just remove on redirect, and i no have traffic rules.
still cannot access while user access on under router with domain or ip on port 5774
firewall on web 192.168.120.124 already off and allow traffic.. and it can access on client using direct access with ip.
As frollic said
So internally when clients goto the website, they'll access it by the 192 IP instead of the external IP
you could also try a fw rule, catching calls towards the public IP, and redirect them to the 192 IP.
not 100% sure it'll work though, since the public IP sits on the same device.
hmm okeoke it fix the problem for now with one device if want to redirect, but multiple device forward will need multiple domain too.
I think I'll make another router using docker specifically for handling port forwarding
won't change anything for your LAN devices, as long they've on the same subnet...
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.