Hi,
First, thanks for this project, I was able to install OpenWrt on my TPLink RE450 in minutes
I am new to OpenWrt and have only a basic understanding of networking. It's not that I have no idea on how the things work, but there was never a need to dive to deep.
I am sorry if my question is already asked several times or is dump, but I was not able to find how to configure OpenWrt to redirect a global ip to a local one.
My problem is:
I have a couple of smart devices that communicate to a specific ip address (similar to 18.158.53.112), however I found that everyone out there is able to control these devices because the server is not really secured. So I want to forward the call to the server's ip address to a local one (eg 192.168.178.30) and run my own server on this device.
If you use the static route then you have to configure 18.158.53.112/32 as an additional IP address on the server, since the packet will be forwarded without translating the destination address.
Wow, that was fast, thanks!
So I need to add 127.0.0.1 18.158.53.115/32 to the /etc/hosts of my server?
I've looked around regarding DNAT, I'd prefer to do it, as it seems to allow me not to have to configure the server's hosts file.
Is this the right command?:
No, that line won't work. You can use /etc/hosts to associate a hostname with the addition IP address. But the address itself has to added in the network configuration. How it's done depends on the operating system, and method that's used.
No, and better use the UCI or Luci for that.
A SNAT will be needed as well.
I think the easiest way to do it in one shot is to make a redirect from wan to that IP and enable nat loopback so that traffic from lan going to that IP will also be redirected to the lan host. It will also create the necessary SNAT.
thank you,
on my pi server I tried executed: sudo ip addr add 18.158.53.115 dev wlan0
however, this seems not make a difference..
Could you please help and explain what to do exactly?
Most likely wrong, but this is what I've tried:
Firewall NAT Rule:
Protocol: Any
Outbound zone: Any zone
Source address: any
Destination address: 18.158.53.115
Action: SNAT
Rewrite IP address: 192.168.178.30
However, I'm sure I miss the one or the other important thing and have no idea how to enable nat loopback :-/
It would be very nice if you could give me the steps.
mikma, thank you again, I missed your comment...
The server is a Pi3 and I used this command as alternative: sudo ip addr add 18.158.53.112 dev wlan0
With this line executed, ping gives me the expected result from the pi/server. And "ip addr" shows:
It is not needed. Just make sure the RPi has a permanent IP in the lan.
Port Forward:
_General Settings_
Protocol: Any
Source zone: wan
Destination zone: lan
Internal IP address: IP_OF_RPi
_Advanced Settings_
External IP address: 18.159.54.124
Enable NAT Loopback: Check!
Damn, this is not possible... For my ISP I need to have a DOCSIS 3.1 router, as far as I know there is no OpenWrt compatible one available...
Isn't there another option to "fake" a global IP?
Thank you all! @trendy configuration works perfectly after I have added an additional VLAN interface and configured wan.
Local DNS is not working for devices in the first router but I will investigate in this later.
Thanks for your patience with me!