#1 2022-06-09 09:43:59

Hacksign
Member
Registered: 2012-07-30
Posts: 131

NAT problem between different VLAN

Hi there

This is not an Archlinux problem, but it confused me a lot; any help will be appreciated!

Below is the structure of my network:

https://i.imgur.com/T1DCsIu.png

There is a website running on https://192.168.2.4:5001, and I've configured a domain pointing to my router's WAN address, so let's assume abc.com points to my router's WAN address x.x.x.x

And there is a port forward configuration on my router: any TCP traffic from any IP on WAN port 5001 will be forwarded to 192.168.2.4:5001 (and I enabled the NAT Loopback feature; the router is running OpenWrt)

The problem is:

1. If I access https://abc.com:5001 with device 192.168.2.50/24, I can get the website.
2. I can access VLAN 192.168.2.4/24 with VLAN 192.168.1.100/24
3. If I access https://abc.com:5001 with device 192.168.1.100/24, I can *NOT* get the website.

Does anybody know how I can access 192.168.2.4 by a *WAN* address, which is abc.com, with VLAN 192.168.1.100/24?


Mod Edit - Replaced oversized images with link.
CoC - Pasting pictures and code

Last edited by Slithery (2022-06-09 10:46:08)

#2 2022-06-09 10:13:50

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: NAT problem between different VLAN

Whatever you are using to do your routing doesn't support 'NAT Loopback' (most consumer routers don't).

Either configure your router to do this if possible or run a local DNS server on the 192.168.1.0/24 subnet to forward requests to the local IP address.

Edit - Just reread your post and saw that NAT Loopback is already configured. You say that all incoming traffic on the WAN is being forwarded, is all traffic from a LAN subnet being forwarded as well? I'm not very experienced with OpenWRT.

Last edited by Slithery (2022-06-09 10:21:28)


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

#3 2022-06-09 10:36:36

Hacksign
Member
Registered: 2012-07-30
Posts: 131

Re: NAT problem between different VLAN

The only rule related to VLAN forwarding is configured as 'Accept forward between different zones', see below:

https://i.imgur.com/FEVtDO7.png

lan: 192.168.1.0/24
server: 192.168.2.0/24

And the port forward configuration:

https://i.imgur.com/zySjiUS.png


Slithery wrote:

Whatever you are using to do your routing doesn't support 'NAT Loopback' (most consumer routers don't).

Either configure your router to do this if possible or run a local DNS server on the 192.168.1.0/24 subnet to forward requests to the local IP address.

Edit - Just reread your post and saw that NAT Loopback is already configured. You say that all incoming traffic on the WAN is being forwarded, is all traffic from a LAN subnet being forwarded as well? I'm not very experienced with OpenWRT.


Mod Edit - Replaced oversized images with links.
CoC - Pasting pictures and code

Last edited by Slithery (2022-06-09 10:48:06)

#4 2022-06-09 10:47:29

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: NAT problem between different VLAN

In the portforwards menu can you add 'LAN' to the 'Source Zone' drop down menu?


Offline
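
One setting worth checking for the symptom described in this thread, shown as an added example that is not from any poster: an OpenWrt port forward with NAT loopback whose reflection rules are extended to a second zone. It assumes a firewall build that supports the `reflection_zone` option and the zone names `lan` and `server` from post #3; the redirect name is constructed.

```uci
# /etc/config/firewall (constructed fragment; the redirect name is made up)
config redirect
	option name 'https-5001'
	option target 'DNAT'
	option proto 'tcp'
	option src 'wan'
	option src_dport '5001'
	option dest 'server'
	option dest_ip '192.168.2.4'
	option dest_port '5001'
	# NAT loopback for this forward
	option reflection '1'
	# If reflection_zone is unset, loopback rules are created only for the
	# destination zone (server, 192.168.2.0/24), so a client such as
	# 192.168.2.50 is covered while 192.168.1.100 in lan is not.
	# Listing both zones creates loopback rules for each of them.
	list reflection_zone 'server'
	list reflection_zone 'lan'
```

Reload the firewall after the change and retest https://abc.com:5001 from 192.168.1.100.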
