Firewall setup Port Nextcloud, local server, HTTP,HTTPS Access Routing

i have a client on the LAN-Network where a Server Application is running.
Currently i use it as a Nextcloud instance.
I want this server be usable from the Internet.
I have two WAN Ip-Adresses IPv4 and IPv6 and both are correctly set up with my DNS-Name.
Now i have the following problem.

What settings do i have to take and make, to get the ports 80 and 443 routed to this server.

When i set up the Port Forwarding in the Firewall and Ping my External WAN IP from another webserver i got no response. A CURL on the HTTP or HTTPS port also does not result in a success message.
Are ther some consideration i should take, or does somebody have a quick explanation how i can secure this setup?

Best regards,


For IPv6 I just added one item in luci / firewall / “traffic rules” (not “port forwards”):

Any traffic
From any host in wan
To IP foo::bar, port 22 in lan

I use just SSH but other ports should be the very same; I believe ping via IPv6 works without any setting needed (the Allow-ICMPv6-Forward rule).

I have almost the same configuration. LAN 0-3 are my local network (eth0) and LAN4 is configured as a DMZ (eth2) where a nextcloud server is connected.
I solved the internal and external connectivity with this NAT configuration:

The first two rules open the external access from the wan.
The third rules opens connectivity for my smartphone from my internal LAN to the nextcloud server in the DMZ.

@Harry_V1.0 did you use a specific VLAN configuration.
Currently i have two servers which should be in my VLAN/DMZ.
Do you have a good guide to set up a DMZ on OpenWRT | the Turris Omnia?

Best regards.


Turris doc has a really good VLAN documentation. You can configure two VLAN and use one of them as a DMZ zone.
I did not use the VLAN configuration, because LAN4 is exclusively connected to eth2. In case of using two ports, a VLAN config is required.
Luci offers a good configuration GUI so that this should not be to complicated.