OpenWrt Forum Archive

Topic: Help: how to setup remote web admin on different port

The content of this topic has been archived on 19 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Good morning,

I have recently flashed my WRT1900AC using McWrt (Chaster latest release) and all is well, wifi seems stable and all of the functionality i need is working well.

What I cannot work out how to do is allow remote web administration of the router itself and i need to do so on a designated port as ports 80 and 443 are port forwarded to a server on my lan.

what is the easiest was to do this on say port 4443 and port 8081

thanks in advance,

Dan.

Take a look into the file "/etc/config/uhttpd" and restart then the uhttp server with "/etc/init.d/uhttpd restart" when you made your changes to apply it.

Hi, ok so I opened the file in vi and modified just the header as follows:-

root@OpenWrt:~# vi /etc/config/uhttpd

# Server configuration                           
config uhttpd main                               
                                                 
        # HTTP listen addresses, multiple allowed
        list listen_http        0.0.0.0:8081     
#       list listen_http        [::]:8081         
                                                 
        # HTTPS listen addresses, multiple allowed
        list listen_https       0.0.0.0:4443
#       list listen_https       [::]:4443         

where it originally stated 80 and 443

I can now only get to the router on the LAN at port 8080 (which I should of expected), but, I cannot get at it from the Wan ....

also if i try and use the ssl port (4443) I get a white page with "Request Entity Too Large".

have i missed something else that i need to do, its as if its not listening on the wan side.

thanks

Dan.

(Last edited by danielgwalter on 2 Nov 2014, 11:57)

danielgwalter wrote:

I can now only get to the router on the LAN at port 8080 (which I should of expected), but, I cannot get at it from the Wan ....
also if i try and use the ssl port (4443) I get a white page with "Request Entity Too Large".

You have to install the package "luci-ssl" if you want to connect via https to the configuration page.
If you can access it from LAN but not from WAN, then you have probably forgotten to allow the WAN access to port 4443 in the firewall configuration.
Go to "Network" -> "Firewall" -> "Traffic Rules" and set there a new "allow input" rule for port 4443, or do this directly in the file "/etc/config/firewall" if you prefere the command line.

I strongly recommend to use just the SSL port and not the unencrypted port 8081 on WAN side.

Hi,

unfortunately I hadn't forgotten to add a firewall rule.

so, at the top of my traffic rules I have an accept input rule as follows

Any TCP, UDP
From any host in wan
To any router IP at port 4443 on this device

and in the config file for uhttpd I have

# HTTPS listen addresses, multiple allowed
        list listen_https       0.0.0.0:4443

when i browse locally over the LAN i get to the web admin just fine on HTTPS://192.168.0.1:4443, however,

from the WAN side using my public IP and :4443 I get "Request Entity Too Large"

any ideas?

thanks

Dan

you can also leave port 443 in /etc/config/uhttpd and redirect 4443 from WAN to 443 in LAN with these rules in /etc/config/firewall

config rule
        option name 'luci-wan'
        option target 'ACCEPT'
        option src 'wan'
        option proto 'tcp'
        option dest_port '443'

config redirect
        option _name 'luci-wan-redirect'
        option src 'wan'
        option proto 'tcp'
        option src_dport '4443'
        option dest_port '443'
        option dest_ip '192.168.1.1'
        option dest 'lan'

PS: as michaeluray wrote, don't forget to install the package "luci-ssl" if you want to access luci via https

(Last edited by wazaa on 25 Feb 2016, 11:50)

The discussion might have continued from here.