I'm struggling with my firewall NAT config to achieve what I've got in my mind. I got a little knowladge of networking, but I guess it's not enough.
I've got running homeassistant server running on my local network on static 192.168.13.246 and it's accessable over LAN (+hairpin is working well). So basically from local I can reach it with my public, local or aliased (homeassistant) over port 8123. That's great.
The problem is when I try to get there from outside of my local network - can't reach it at all and there isn't any package going through.
My current firewall NAT is looking like this:
Code: Select all
Flags: X - disabled, I - invalid; D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
1 chain=srcnat action=masquerade protocol=tcp src-address=192.168.13.0/24 dst-address=192.168.13.246 out-interface=bridge dst-port=8123 log=no log-prefix=""
2 chain=dstnat action=dst-nat to-addresses=192.168.13.246 to-ports=8123 protocol=tcp dst-address=!192.168.13.1 in-interface=bridge dst-port=8123 log=no log-prefix=""