
Here's the situation. I have an OpenWrt installation with multiple zones:

  • WAN - let it be 1.1.1.1
  • LAN0 - 192.168.0.0/24
  • LAN1 - 192.168.1.0/24

After forwarding some port from WAN to LAN0 I can reach it from another host on the Internet (e.g. 2.2.2.2) but I can't reach the port from LAN1.
After some research I discovered that for some reason any packets I send from LAN0/1 to 1.1.1.1 are being served from the corresponding LAN interface, not WAN; e.g. when I'm trying to connect to 1.1.1.1:80 from LAN1, the packets are not being forwarded to LAN0 but to the router (it opens its web interface).

Yeah, I could make a duplicate of every forwarding rule but I really want to try to avoid it as there are already 10 of them.
Is there any way to properly configure the firewall (maybe raw iptables but w/o DNAT that only accepts one interface as an argument?) or to make packets from LAN0/1 to the public IP be received by the WAN interface?

Thank you in advance

WGOS
  • 101
  • Please have a look at https://en.wikipedia.org/wiki/Hairpinning and tell if this describes the kind of solution you are looking for. Just to be sure of the problem. I guess you'll have to provide your iptables rules (eg: `iptables-save -c`). – A.B May 23 '21 at 23:08
  • @A.B seems like that's the problem, and in most cases where two hosts are in the same LAN, turning on NAT loopback solves the problem. In my case there are 2 LANs so that option seems not to work, unfortunately – WGOS May 23 '21 at 23:12
  • Actually that's not really a hairpinning situation if it's between two different LANs. But only the NAT rules (and routes) can explain what happens and why. – A.B May 23 '21 at 23:25

0 Answers