I have the following setup:

                    ISP
                     |
                     |
        external interface (public ip)
                     /
          Router (running OPNsense)
                     \
        internal interface 192.168.0.1
                     |
                    / \
                   /   \
                  /     \
         webserver       other lan clients
        192.168.0.2      192.168.0.3-100 (from dhcp)

My router is not able to connect to the webserver via its public IP address, but the rest of the 192.168.0.0/24 net is.
I have set port forwards for the WAN interface on ports 80 and 443 to my webserver and enabled "Reflection for port forwards" as well as "Automatic outbound NAT for Reflection" in the advanced settings for the firewall.
Anyone got an idea why my router is not able to connect to the webserver via its external IP?
To rule out the webserver as the point of failure, I set up a dummy SSH server (Raspberry Pi) and port forwarded some port to the Pi's SSH port, with the exact same result. The whole 192.168.0.0/24 network can connect to the Pi via its public IP (domain name), except from the router.