|
|
Double NAT - Is it really that awful?
|
|
|
|
Mac Elite
Join Date: Sep 2006
Location: Back in the Good Ole US of A
Status:
Offline
|
|
My ISP has provided me with a WiFI modem/router that is totally locked down. The only thing I can do is turn on/off the WiFi and change the WiFi password. I can't eliminate the modem because my ISP uses PPOA which is not supported by the Airport Extreme.
I'd like to be able to take advantage of Back to my Mac and other services that require port forwarding but to do so I'd end up with a "double NAT" scenario. Airport Utility complains and causes the router to blink yellow incessantly. I'm not sure if my anally retentive obsessive compulsive self can deal with the blinking light but I may just have to grin and bear it.
Thoughts/suggestions?
|
|
|
|
|
|
|
|
|
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
You can use double NAT if you use different address ranges. If the outer network uses the 192.168.x.x range and the inner uses the 10.x.x.x range (or vice versa, obviously), you should be good. It's when they both use the same range that bad things happen. Set the Airport Extreme to whatever the ISP router doesn't use.
(Technically you can use one on 192.168.1.x and the other on 192.168.2.x or whatever, but that requires fiddling with the subnet mask. Using different ranges is easier.)
|
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
|
|
|
|
|
|
|
|
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status:
Offline
|
|
Double NATs may make some services more problematic, a lot will depend on how well they can NAT punch through two NATs instead of one, and whether both NATs can do UPnP very well.
You can eliminate the airport NAT by changing its router mode to 'off' or 'bridge mode.' This will tell it to pass client traffic (including DHCP) to the modem/router device. Both it and the airport use NAT when in router mode; since you can't change the modem, placing the airport in bridge mode will still provide wifi via the airport, but will eliminate its NAT since it is no longer routing (it'll act like a dumb switch instead).
https://en.wikipedia.org/wiki/NAT_traversal
https://en.wikipedia.org/wiki/Universal_Plug_and_Play
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2006
Location: Back in the Good Ole US of A
Status:
Offline
|
|
Originally Posted by P
You can use double NAT if you use different address ranges. If the outer network uses the 192.168.x.x range and the inner uses the 10.x.x.x range (or vice versa, obviously), you should be good. It's when they both use the same range that bad things happen. Set the Airport Extreme to whatever the ISP router doesn't use.
(Technically you can use one on 192.168.1.x and the other on 192.168.2.x or whatever, but that requires fiddling with the subnet mask. Using different ranges is easier.)
I'll give that a try.. thanks.
Originally Posted by Cold Warrior
Double NATs may make some services more problematic, a lot will depend on how well they can NAT punch through two NATs instead of one, and whether both NATs can do UPnP very well.
You can eliminate the airport NAT by changing its router mode to 'off' or 'bridge mode.' This will tell it to pass client traffic (including DHCP) to the modem/router device. Both it and the airport use NAT when in router mode; since you can't change the modem, placing the airport in bridge mode will still provide wifi via the airport, but will eliminate its NAT since it is no longer routing (it'll act like a dumb switch instead).
https://en.wikipedia.org/wiki/NAT_traversal
https://en.wikipedia.org/wiki/Universal_Plug_and_Play
I presently have the Airport in bridge mode but with that configuration, port forwarding doesn't seem to work. I can't see my Macs from the outside world. That's why I was investigating other scenarios.
Thanks all for your suggestions. I'm traveling now but when I return home I'll be sure to do some more fiddling around and report on my successes (or lack thereof).
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Originally Posted by Atheist
Thanks all for your suggestions. I'm traveling now but when I return home I'll be sure to do some more fiddling around and report on my successes (or lack thereof).
You could turn to other solutions for outside world access, as long as ou're trying to connect via a Mac (and not cell phone).
E.g.
Screensharing via LogMeIn (free)
VPN via LogMeIn Hamachi (free)
Also, take a look at Slink http://slinkware.com/features/
It offers full remote access to all shared Bonjour services.
-t
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|