OpenWrt Forum Archive

Topic: Problem redirecting ports from modem to router

The content of this topic has been archived on 21 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi all,

I've spent some weekends to get along with my first OpenWRT router TP-LINK TL-WR841N v8.4c behind a D-Link DSL-321B modem.

To access my modem I've set modem IP to 192.168.0.1.
Router LAN has default IP 192.168.1.1.

In addition to default settings I've just set up dynamic DNS support (works), fixed IPs for my home clients/server and Port Forwarding for Nginx running on my home server (80, 443).

Problem: requesting my.ddns.net opens my modem configuration menu instead of the Nginx page on the server.

What I've tried:

1. Set router IP (192.168.0.2) in modem configuration as "DMZ" (which means "exposed host" according to modem info).
2. Forwarding whole port range from modem to router.

To confirm: Modem firewall is disabled.

Question: to be honest I don't understand the concept of OpenWRT interfaces yet. Do I need to forward the incoming traffic on WAN interface to LAN interface separately?

Thx a lot, OpenWRT is awesome!
sj7

I guess you are trying to access "my.ddns.net" from inside your network. Even if "my.ddns.net" points to the public IP on the modem, when the modem sees the incoming connection from the internal interface, the modem redirects that connection to the web server on the modem; to redirect the connection to the DMZ device (your router), the connection must reach the modem on the external interface.

First of all, I would try to make the connection from outside your network, to validate my guess; if that works, then there are a couple of alternatives you can try:
* Configure DNAT on the router, so connections to the external IP address are redirected to the IP address of the internal server.
* Configure DNSMASQ on the router, so requests for "my.ddns.net" are answered with the IP address for the internal server.

Hello eduperez,

At first, sorry for my late reply and thank you very much for your answer. After your post I thought it would be better to postpone my OpenWRT migration because I always had to disconnect all my running services (including an XMPP server for family and friends so I can only do this at night). Now I want to focus on OpenWRT and started to confirm your guess:

eduperez wrote:

First of all, I would try to make the connection from outside your network, to validate my guess;

It is exactly like you supposed it: connecting via my.ddns.net from outside via mobile I could reach the webserver on my server behind modem+router. From inside I was connected to the modem interface.

eduperez wrote:

if that works, then there are a couple of alternatives you can try:
* Configure DNAT on the router, so connections to the external IP address are redirected to the IP address of the internal server.
* Configure DNSMASQ on the router, so requests for "my.ddns.net" are answered with the IP address for the internal server.

...so may I ask according to the wiki example:

config redirect
        option name     'icmp DNAT'
        option src      'wan'
        option src_dip   '1.2.3.4'
        option proto    'icmp'
        option dest     'dmz'
        option dest_ip  '192.168.1.79'
        option target   'DNAT'

If my current setup is:

Router
IPv4 WAN Status    

eth0     Type: dhcp
Address: 192.168.1.2
Netmask: 255.255.255.0
Gateway: 192.168.1.1
DNS 1: 192.168.1.1
Connected: 0h 4m 0s

IPv6 WAN Status    
?     Not connected

and the server I want to reach via my.ddns.net has ip 192.168.2.191 I should set 192.168.2.191 as dest_ip? But what for src_dip? Can I provide an ip range as src_dip (all my LAN clients have to reach the server via my.ddns.net)?

Even if you connect to your external IP address, packages are reaching your router from the internal interface; thus, "option src 'wan'" cannot be correct... Search for "openwrt nat reflection" and you will find some examples on how to achieve what you need.
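An added example, not part of the original thread and not the OpenWrt firewall's own code: a simplified Python model of why a redirect with `option src 'wan'` never matches a LAN client's connection to the public address, and why reflection also has to rewrite the source address. It goes slightly beyond the thread by modelling the reply path. The router LAN address, the client address and the public IP are constructed assumptions.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import Optional

LAN = ip_network("192.168.2.0/24")  # router LAN (the server in the thread is 192.168.2.191)
ROUTER_LAN_IP = "192.168.2.1"       # assumed router LAN address
SERVER = "192.168.2.191"
PUBLIC_IP = "203.0.113.10"          # constructed stand-in for what my.ddns.net resolves to

@dataclass(frozen=True)
class Packet:
    in_zone: str  # zone of the interface the packet arrived on
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Redirect:  # simplified subset of a "config redirect" section
    src: str                # option src: ingress zone the rule applies to
    src_dip: Optional[str]  # option src_dip: original destination, None = any
    dport: int
    dest_ip: str
    snat: bool = False      # also rewrite the source to the router's LAN address

def route(pkt, rules):
    """Apply the first matching redirect; return (packet, where it ends up)."""
    for r in rules:
        if pkt.in_zone == r.src and pkt.dport == r.dport and r.src_dip in (None, pkt.dst):
            new_src = ROUTER_LAN_IP if r.snat else pkt.src
            pkt = replace(pkt, src=new_src, dst=r.dest_ip)
            break
    # Unmatched traffic to the public IP leaves via WAN and lands on the modem.
    return pkt, ("server" if pkt.dst == SERVER else "modem")

def reply_accepted(sent, delivered):
    """True if the reply's source is the address the client connected to."""
    # A server that sees a LAN client as the source answers it directly on the
    # LAN, so the router never restores the original destination address.
    direct = ip_address(delivered.src) in LAN and delivered.src != ROUTER_LAN_IP
    reply_src = SERVER if direct else sent.dst
    return reply_src == sent.dst

lan_client = Packet("lan", "192.168.2.50", PUBLIC_IP, 443)  # constructed sample
wan_rule = Redirect("wan", None, 443, SERVER)               # ordinary port forward
dnat_only = Redirect("lan", PUBLIC_IP, 443, SERVER)         # DNAT without source rewrite
reflection = Redirect("lan", PUBLIC_IP, 443, SERVER, snat=True)
```

With only `wan_rule`, `route(lan_client, ...)` ends at the modem, which is the behaviour reported in the first post; `dnat_only` reaches the server but the reply is rejected, and `reflection` fixes both.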
