Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#4259 - Cannot reach public-facing service in LAN from LAN; only reachable from WAN #9242

Closed
openwrt-bot opened this issue Feb 7, 2022 · 2 comments
Labels

Comments

@openwrt-bot
Copy link

openwrt-bot commented Feb 7, 2022

harpia:

====CONTEXT====
I run a publicly accessible web server at home, behind an OpenWrt router. The router has firewall rules allowing incoming connections to ports 80 and 443 (forwarding rules for ipv4; port access rules for ipv6).

====THE PROBLEM====
A recent snapshot upgrade made the web server unreachable from LAN using ipv4, while still being reachable from WAN. Ipv6 is unaffected and works as expected from both LAN and WAN.

====REPRODUCING====

  1. Setup a web server inside your LAN network and confirm that it can be reached from outside. I use my phone's 4G connection for that.

  2. Download https://downloads.openwrt.org/snapshots/targets/ramips/mt7621/openwrt-ramips-mt7621-tplink_archer-c6-v3-squashfs-sysupgrade.bin and move it to "/tmp" on the router that is already running OpenWrt.

  3. Run "sysupgrade openwrt-ramips-mt7621-tplink_archer-c6-v3-squashfs-sysupgrade.bin" and wait for the device to reboot.

  4. SSH into it as root, set a root password, apply any needed UCI configuration* and reboot.

  5. See if you can reach the web server from inside the LAN using its public ipv4 address.

  • I use a shell script to automatically configure everything using UCI commands. It defines DHCP hosts, firewall rules, PPPoE authentication, etc.

====DETAILS====
Device: TP-Link Archer C6 V3 (ramips/mt7621)
OpenWrt version: SNAPSHOT (r18754-f6a01d7f5c)

  • Last working snapshot I used was from December 2021, but I don't have its snapshot number.
@openwrt-bot
Copy link
Author

openwrt-bot commented Feb 7, 2022

jow-:

Should be fixed by 2dd6777

@openwrt-bot
Copy link
Author

openwrt-bot commented Feb 7, 2022

harpia:

I forgot to add a step after number 3 in "REPRODUCING":

3.1. After the reboot, perform a factory reset by holding the reset button in the back of the router. A clean start.

EDIT: Thanks for the update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant