Greetings.
Recently purchased hAP ac router as a replacement of my old TP-Link and almost instantly faced and issue trying to reproduce old settings:
General config: eth1 - WAN, eth2-5 LAN (switch), WiFi bridged with LAN master port. Default set of firewall rules.
I've dst-nat'ted some ports to my FTP server and it works fine with external requests, but won't work with requests form LAN network (10.0.0.0/27)
add action=dst-nat chain=dstnat comment=FTP dst-address=(WAN IP) dst-port=\
21,12900-13000 log=yes protocol=tcp to-addresses=10.0.0.1
When I try to access my FTP form a smartphone connected to WiFi, I see nat rule counter changes value but FTP is still inaccessible.
PS I suggest that nat won't correctly redirect the response to client device.
I also set up alike rule for WoL, which works over udp, and it works for both, external and internal requests.