On the router, I have forwarded the 443 port of the web server, but when a client makes a request to the domain from the local network, the router returns LuCI.
At the same time, when the client makes a request from the Internet, the request goes through successfully to the web server.
Public IP sits on the router, so there's nothing wrong with it showing you LuCI.
Have your local DNS resolve the FQDN with the local IP of the web server.
Meaning your drawing is "wrong", DNS requests from LAN clients should be sent to the router, not the ISP's DNS directly.
I'm not a networking expert, but isn't that what NAT Reflection/Hairpinning was designed for? The router sees that the connection is going to a public IP that belongs to it, maps the target port to the open ports and forwards the request directly to the device inside the network without sending the request to the WAN. Am I misunderstanding this?
I also keep a web server at home and when I make a request from the local network to my public IP I have my page open just like when I do it over the cellular network on my phone.
Btw, I know OP, and we have the same router models and the same port forwarding rules. The only difference is how our ISPs give us public IP addresses. My ISP requires me to enter the connection settings (IP, netmask, gateway, etc.) manually when the OP's ISP sends those settings via DHCP.
Could this be the problem? Is it possible that NAT Hairpinning in OpenWrt "doesn't understand" when the public IP address is assigned by the ISP via DHCP?
Yeah, @Olejka's right. This should be done by NAT Loopback. @frollic's solution really helped me, but it was not the solution I needed. Because on my previous non-OpenWrt router, port forwarding worked properly.
NAT Loopback is enabled and works, but not on 443 and 80 ports.
In short, the problem was DPI bypass software that I recently installed. The solution is described in this issue on GitHub (it's in Russian).