GL-MT6000 - Can't access DDNS forwarded port with wireguard

I have an Orange Pi on my LAN, IP 192.168.28.213, connected to Flint 2. I have a webserver running on it on port 8443. I did a port forward:

and works great with duckdns outside home, like:

https://mydns.duckdns.org:8443

I configured a WireGuard server on my Flint 2 and now I cannot access the above webpage as a WireGuard client; I got a connection refused. Instead I can access it at:

https://192.168.28.213:8443

But of course I have a certificate error since it’s not linked with the DDNS (ERR_SSL_UNRECOGNIZED_NAME_ALERT).

I realized that I can’t even telnet to port 8443 using the public IP when connected thru WireGuard.

The funny thing is, I have a PiVPN WireGuard server on my Orange Pi, and if I connect to this server, I can access the DDNS without a problem. So, the problem is in the WireGuard server on Flint 2.

How can I access my webserver using DDNS when connected thru the Flint 2 WireGuard server?

OK, I just figured out a rule in the firewall that works: I need to select the reflection zones and add wgserver. Funny enough, if I select only wgserver, then I cannot access the DDNS from the LAN anymore, so I need to select LAN as well to access it inside the LAN again.

Not sure if I need to put WAN too, but I can access the server from any public IP like the config below…

If anyone has a more intelligent solution, please let me know; I don’t want to do this in every port forward to access an internal server with DDNS from a WireGuard client…
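The reflection-zone setting described in the post above, written out as an OpenWrt `/etc/config/firewall` fragment. This is an added example, not part of the original post and not the poster's actual config; the rule name and `proto` are assumptions, while the port, LAN IP and the `wgserver` zone name come from the thread.

```uci
# /etc/config/firewall (OpenWrt UCI syntax). Constructed example.
# The two sections are alternatives: keep only one of them.

# Before: no reflection_zone list. NAT reflection then applies only to
# the destination zone (lan), so a client in the wgserver zone that
# connects to the public IP on 8443 is not redirected and is refused.
config redirect
	option name 'orangepi-https'        # assumed rule name
	option target 'DNAT'
	option src 'wan'
	option src_dport '8443'
	option dest 'lan'
	option dest_ip '192.168.28.213'
	option dest_port '8443'
	option proto 'tcp'                  # assumed: HTTPS over TCP only
	option reflection '1'

# After: reflection zones listed explicitly. Setting the list replaces
# the default, which is why choosing wgserver alone broke access from
# the LAN; both zones have to be named.
config redirect
	option name 'orangepi-https'        # assumed rule name
	option target 'DNAT'
	option src 'wan'
	option src_dport '8443'
	option dest 'lan'
	option dest_ip '192.168.28.213'
	option dest_port '8443'
	option proto 'tcp'                  # assumed: HTTPS over TCP only
	option reflection '1'
	list reflection_zone 'lan'
	list reflection_zone 'wgserver'
	# wan is not listed: connections arriving from the WAN already match
	# the redirect itself through src 'wan'.
```

Reflection only re-exposes the port that is already forwarded, so VPN clients gain access to 8443 on the Orange Pi and nothing else on the LAN through this rule.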

Heh; it’s time to make a backup then.