Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#4259 - Cannot reach public-facing service in LAN from LAN; only reachable from WAN #9242

openwrt-bot opened this issue Feb 7, 2022 · 2 comments


Copy link

openwrt-bot commented Feb 7, 2022


I run a publicly accessible web server at home, behind an OpenWrt router. The router has firewall rules allowing incoming connections to ports 80 and 443 (forwarding rules for ipv4; port access rules for ipv6).

A recent snapshot upgrade made the web server unreachable from LAN using ipv4, while still being reachable from WAN. Ipv6 is unaffected and works as expected from both LAN and WAN.


  1. Setup a web server inside your LAN network and confirm that it can be reached from outside. I use my phone's 4G connection for that.

  2. Download and move it to "/tmp" on the router that is already running OpenWrt.

  3. Run "sysupgrade openwrt-ramips-mt7621-tplink_archer-c6-v3-squashfs-sysupgrade.bin" and wait for the device to reboot.

  4. SSH into it as root, set a root password, apply any needed UCI configuration* and reboot.

  5. See if you can reach the web server from inside the LAN using its public ipv4 address.

  • I use a shell script to automatically configure everything using UCI commands. It defines DHCP hosts, firewall rules, PPPoE authentication, etc.

Device: TP-Link Archer C6 V3 (ramips/mt7621)
OpenWrt version: SNAPSHOT (r18754-f6a01d7f5c)

  • Last working snapshot I used was from December 2021, but I don't have its snapshot number.
Copy link

openwrt-bot commented Feb 7, 2022


Should be fixed by 2dd6777

Copy link

openwrt-bot commented Feb 7, 2022


I forgot to add a step after number 3 in "REPRODUCING":

3.1. After the reboot, perform a factory reset by holding the reset button in the back of the router. A clean start.

EDIT: Thanks for the update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

1 participant