OpenWrt Forum Archive

Topic: [SOLVED] Can't forward the port 443

The content of this topic has been archived on 22 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
emmanuellgd
16 Jul 2016, 16:40

Hi,

I have installed lighttpd on my openwrt to act as a proxy. I have opened two ports: 8080 and 4343. Both are working fine in local (http://192.168.51.1:8080 as well as https://192.168.51.1:4343 work).

I have then defined two rules to access it from outside. For that I have added to /etc/config/firewall, restarted the firewall and even the router:

config redirect
        option target 'DNAT'
        option src 'wan'
        option dest 'lan'
        option proto 'tcp'
        option src_dport '80'
        option dest_ip '192.168.51.1'
        option dest_port '8080'
        option name 'HTTP-lighttpd'


config redirect
        option target 'DNAT'
        option src 'wan'
        option dest 'lan'
        option proto 'tcp'
        option src_dport '443'
        option dest_ip '192.168.51.1'
        option dest_port '4343'
        option name 'HTTPS-lighttpd'

http works fine but not https !

More Info:

root@OpenWrt:~# netstat -nltp | grep light
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      6129/lighttpd
tcp        0      0 0.0.0.0:4343            0.0.0.0:*               LISTEN      6129/lighttpd

From a remote console:

$ nmap MYIP -p 80
Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-16 17:38 CEST
Host is up (0.026s latency).
PORT   STATE SERVICE
80/tcp open  http


$ nmap MYIP -p 443
Starting Nmap 7.01 ( https://nmap.org ) at 2016-07-16 17:38 CEST
Host is up (0.027s latency).
PORT    STATE  SERVICE
443/tcp closed https

I have even tried option src_dport '4343' without more success.

Any Idea ?

Thanks in advance !

(Last edited by emmanuellgd on 18 Jul 2016, 20:31)

Post #2
emmanuellgd
18 Jul 2016, 10:24

up ? smile

Post #3
eduperez
18 Jul 2016, 11:06

Dump your current iptables rules, just to be sure that everything is running as expected.
If everything there seems correct, perhaps your ISP is blocking port 443.

Post #4
emmanuellgd
18 Jul 2016, 20:31

Hi and Thanks, I think my router has reserved the port 443 so I changed that and it works well smile

The discussion might have continued from here.