I have Vbox VM Debian at 192.168.1.3 . It works and 80(web) and 22(ssh) accesible form my pc 192.168.1.2.
VM network in bridge mode.
My pc connected to router by WIFI.
I am trying to access to my pc 3389 RDP port and VM 80(browser) and 5555(ssh) port from inernet. But allways connection refused.
22 i remaped to 5555. because of 22 used by router.
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdcb:9e09:1ae7::/48'
config interface 'lan'
option ifname 'lan1 lan2 lan3 lan4'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option ifname 'wan'
option proto 'dhcp'
option macaddr '00:23:54:45:fc:50'
option hostname 'xxx'
option reqopts 'staticroutes msstaticroutes'
config interface 'wan2'
option ifname 'wan2'
option proto 'none'
option macaddr '00:23:54:45:fc:50'
option ifname 'ppp0'
option username 'xxx'
option password 'xxx'
/etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'wan'
option network 'wan wan2'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule
option target 'ACCEPT'
option src 'wan'
option proto 'igmp'
option name 'IGMP'
config rule
option target 'ACCEPT'
option src 'wan'
option name 'UDP Multicast'
option proto 'udp'
option dest_ip '239.0.0.0/8'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '8888'
option dest_ip '192.168.1.1'
option dest_port '8888'
option name 'udpxy'
config rule
option src 'wan'
option target 'ACCEPT'
option proto 'tcp'
option dest_port '22'
config redirect
option name 'wol'
option proto 'udp'
option src_dport '23001'
option dest_port '9'
option target 'DNAT'
option src 'wan'
option dest 'lan'
option dest_ip '192.168.1.2'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '5555'
option dest_ip '192.168.1.3'
option dest_port '22'
option name 'sshvm1'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '80'
option dest_ip '192.168.1.3'
option dest_port '80'
option name 'webvm1'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '3389'
option dest_ip '192.168.1.2'
option dest_port '3389'
option name 'rdp1'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/ath9k'
option disabled '0'
option noscan '1'
option channel '1'
option hwmode '11ng'
option txpower '30'
option country 'TW'
option htmode 'HT40+,SHORT-GI-20,SHORT-GI-40,40-INTOLERANT'
config wifi-iface
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'xxx'
option encryption 'psk2+aes'
option key 'xxx'
I think it because WIFI. Anybody know why connection refused?