2

I am using openwrt with the following setup:

                 ---------------
                 |             |--- LAN1 192.168.1.1/24
WAN 194.X.X.X ---| openwrt-box |                                               ------------
                 |             |--- LAN2 192.168.2.1/24 --- 192.168.2.10/24 ---|  Server  |
                 ---------------                                               ------------

Firewall - Zone Settings

General Settings
Enable SYN-flood protection yes
Drop invalid packets        no
Input           accept
Output          accept
Forward         reject

Zone ⇒ Forwardings  Input   Output  Forward Masquerading    MSS clamping
LAN1 ⇒ WAN          accept  accept  reject  no              no
WAN ⇒ reject        reject  accept  reject  yes             yes
LAN2 ⇒ WAN          accept  accept  reject  no              no

I have a port forwarding from WAN to Server and everything is working fine, but: How can I connect from LAN1 to Server?

Do you need additional information?

Thanks

cyoborg

2 Answers

2

Finally I got a solution for how to allow connections from LAN1 to Server only on ports 80 and 443:

  1. In "Network->Firewall" go to page "Traffic Rules"

  2. Scroll down to "New forward rule"

    Name: LAN1ToServer
    Source zone: LAN1
    Destination zone: LAN2

  3. Click "Add and edit"

  4. Enter Server IP in field "Destination address" and port ("80 443") in "Destination port" and "Save & Apply"

cyoborg
0

You haven't defined inter-zone forwarding between LAN1 and LAN2, thus the default forwarding policy (reject) is used. You simply need to open this up.

Click Edit next to the LAN1 line, and in the Inter-Zone Forwarding section, make sure you enable LAN2 in both directions.

Michael Hampton
  • 1
    Thanks a lot for your very practical answer! This is pushing in the right direction, I think. But if I do this both LANs are completely interconnected, right? What I want to do is to only allow access from LAN1 to Server and besides that keep LAN1 and LAN2 separated. – cyoborg Aug 04 '15 at 10:53
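
The two approaches from the answers above, written as `/etc/config/firewall` stanzas. This is an added example, not taken from either poster: the zone names LAN1 and LAN2, the rule name and the server address come from the thread, while restricting the rule to TCP is an assumption (the thread gives ports only).

```uci
# /etc/config/firewall (excerpt, constructed example)

# Narrow option (first answer): a single traffic rule.
# Traffic rules are evaluated before the zone forward policy, so this
# ACCEPT wins over "Forward: reject" for matching packets only.
# Replies from the server are permitted by connection tracking, so no
# rule in the LAN2 -> LAN1 direction is needed.
config rule
	option name 'LAN1ToServer'
	option src 'LAN1'
	option dest 'LAN2'
	option dest_ip '192.168.2.10'
	option dest_port '80 443'
	# Assumption: HTTP/HTTPS only need TCP; the thread does not name a protocol.
	option proto 'tcp'
	option target 'ACCEPT'

# Broad option (second answer): inter-zone forwarding in both directions.
# Every host and port in LAN2 becomes reachable from LAN1 and vice versa,
# which removes the separation between the two LANs. Left commented out
# here so that only the narrow rule above is active.
#
# config forwarding
#	option src 'LAN1'
#	option dest 'LAN2'
#
# config forwarding
#	option src 'LAN2'
#	option dest 'LAN1'
```

After editing the file, `/etc/init.d/firewall reload` applies the change; from a LAN1 host, ports 80 and 443 on 192.168.2.10 should then connect while any other LAN2 address or port is still rejected.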