Missing Internal zone in port forwarding configuration

Hi. Starting with firmware version RUTX_R_00.07.15, the ‘Internal zone’ field has been removed from the port forwarding configuration. It was deemed ‘unnecessary’.

However, when I have multiple LAN networks or firewall zones configured with custom names, port forwarding does not work properly. Redirection to ‘lan’ is set automatically, which may not exist if the default zone name is changed. Only modifying the ‘option dest’ value in the /etc/config/firewall file to the correct zone name restores port forwarding functionality.

My example:
I have the following LAN networks set up:

1. LAN_ONE (192.168.1.1) with the LAN_ONE firewall zone
2. LAN_TWO (192.168.2.1) with the LAN_TWO firewall zone

In newly released firmware versions, after setting up a new port forwarding, the configuration looks as follows:

Incoming IPv4 TCP from ‘WAN_ONE’ Via port 80 → To ‘lan’ IP 192.168.1.XX

This setting is incorrect because ‘lan’ does not exist. I have to manually modify the destination zone to LAN_ONE.

I kindly request that you restore the ‘Internal zone’ field, because I have set my own firewall zone names in several routers.

Hi,

Seems like only NAT loopback (reflection) is effected by this. Deleting dest will also fix this as firewall will automatically resolve custom zone

Hello @Pik,

Could you please confirm if the solution provided by Dainius resolved your issue?

Best regards,

@Dainius @Marija

It does not matter whether I use NAT loopback or not.

Yes, completely removing ‘option dest’ from the configuration causes the ‘Unspecified’ zone to be displayed in the GUI and restores the correct functioning of port forwarding.

However, this is not a solution. I still have to log in via SSH/CLI and modify the configuration files.

This topic was automatically closed after 60 days. New replies are no longer allowed.