Results 1 to 9 of 9

Thread: Double NAT Situations

  1. #1
    Senior Member
    Deep x Techno
    chazysa's Avatar
    Join Date
    Jan 2015
    Location
    Sandton, Gauteng, South Africa
    Posts
    416
    Game IDs
    Experience

    Default Double NAT Situations

    Hi SAGamer Peeps,

    Could anyone here provide some insight into how one could resolve this?

    I am currently with Supersonic (Previously Smart Village) under MTN - I unfortunately cannot avoid this as it is enforced by the complex . None of the techies from there are able to assist me properly with this.

    In a nutshell:

    - I am using a single TP-Link Router connected to the wall-unit which, according to the 'techies', has a 24-bay switch/gateway for the entire block.
    - They cannot enable 'bridge mode'.
    - I have a static IP and my device has NAT enabled with multiple ports forwarded for XboxLive and Plex etc.
    - DMZ is a fail
    - Disabling NAT/Upnp/DHCP on my router is a fail.
    - The 'techies' have requested that I obtain a public IP from the ISP (additional R42 a month) and this will help with my Double NAT situation.

    So my question is if there is a way I can resolve this without their help or change in configuration etc? I have not experienced this until a few months ago and I am getting annoyed with the ISP seeing that their resolution to this is that there is nothing I can do and I would just have to deal with it.

    Any insight in this regard would be highly appreciated.

  2. #2
    Gaming Wizard
    No.1 Pose
    SauRoN's Avatar
    Join Date
    Nov 2007
    Location
    Cape town
    Posts
    26,248
    Game IDs
    Experience

    Default Double NAT Situations

    You’ll need to pay the extra money for a direct WAN IP of your own.

    They are using NATing everyone on a private network which is why you are getting a double NAT as you are in fact adding a second NAT.

    You could try disable routing and jack straight into the network but then everything of yours is exposed to everyone on that network like a public WiFi setup.

    Deeply insecure

    You mentioned this as “disabling the NAT” but you would need to disable DHCP and plug your router into one of the switch ports instead of the WAN port with any chance to make it work. Or if it has the option to switch from router mode to access point and then you can still use the WAN port.

    (Before doing the above plug a device directly into the port where the router plugs in. If that gets an IP and internet then the above will work).

    The better option is however to pay for the WAN IP and have your own direct link for you to manage yourself.

    Either way it’s all a case of amateur hour and if you get any chance to kick them out through an HOA meeting or some such then try as hard as you can, because support will be piss poor and just getting worse with time.

    Hate these fly by night setups with no clue what they are doing.
    Last edited by SauRoN; September 11th, 2018 at 10:31 PM.
    Hidden Content
    Hidden Content - "I am Quiet, I am the absence of words."

  3. Saying Thanks:

    chazysa (September 12th, 2018),  Uberutang (September 12th, 2018)  

  4. #3
    Senior Member
    Deep x Techno
    chazysa's Avatar
    Join Date
    Jan 2015
    Location
    Sandton, Gauteng, South Africa
    Posts
    416
    Game IDs
    Experience

    Default

    Quote Originally Posted by SauRoN View Post
    You’ll need to pay the extra money for a direct WAN IP of your own.

    They are using NATing everyone on a private network which is why you are getting a double NAT as you are in fact adding a second NAT.

    You could try disable routing and jack straight into the network but then everything of yours is exposed to everyone on that network like a public WiFi setup.

    Deeply insecure

    You mentioned this as “disabling the NAT” but you would need to disable DHCP and plug your router into one of the switch ports instead of the WAN port with any chance to make it work. Or if it has the option to switch from router mode to access point and then you can still use the WAN port.

    (Before doing the above plug a device directly into the port where the router plugs in. If that gets an IP and internet then the above will work).

    The better option is however to pay for the WAN IP and have your own direct link for you to manage yourself.

    Either way it’s all a case of amateur hour and if you get any chance to kick them out through an HOA meeting or some such then try as hard as you can, because support will be piss poor and just getting worse with time.

    Hate these fly by night setups with no clue what they are doing.
    Thanks a lot for this, bud - I am going to try what you suggested but I somehow have the feeling that I will need to obtain a paid public IP from these okes.

    Let's see how goes it.

  5. #4
    Gaming Wizard
    No.1 Pose
    SauRoN's Avatar
    Join Date
    Nov 2007
    Location
    Cape town
    Posts
    26,248
    Game IDs
    Experience

    Default

    Quote Originally Posted by chazysa View Post
    Thanks a lot for this, bud - I am going to try what you suggested but I somehow have the feeling that I will need to obtain a paid public IP from these okes.

    Let's see how goes it.
    If the socket for the Router provides an IP to any device then it should work happily.

    The trick is though that it might be restricted to a single or only a few IP's and then you start running into issues.

    However as someone with security in mind I would never run my won stuff through it like this....however I would do it to see what other people are getting up to.

    So ultimately for R47 a month or whatever to get a directly assigned WAN IP with self-management I would rather do that instead of doing the above even if it works purely because you'll open yourself up for data theft otherwise.

    (Man in the middle attacks are braindead simple on networks like these if people plug directly into them without NATting).
    Hidden Content
    Hidden Content - "I am Quiet, I am the absence of words."

  6. Saying Thanks:

    chazysa (September 13th, 2018),  Uberutang (September 12th, 2018)  

  7. #5
    Addicted Member Migs-se's Avatar
    Join Date
    Feb 2008
    Location
    Johannesburg
    Posts
    3,739
    Game IDs
    Experience

    Default

    Quote Originally Posted by SauRoN View Post
    Either way it’s all a case of amateur hour and if you get any chance to kick them out through an HOA meeting or some such then try as hard as you can, because support will be piss poor and just getting worse with time.
    What does HOA stand for, please?

  8. #6
    Senior Member
    Join Date
    May 2012
    Posts
    400
    Experience

    Default

    Home owners association

  9. Saying Thanks:

    Migs-se (September 12th, 2018),  SauRoN (September 12th, 2018)  

  10. #7
    Gaming Wizard
    No.1 Pose
    SauRoN's Avatar
    Join Date
    Nov 2007
    Location
    Cape town
    Posts
    26,248
    Game IDs
    Experience

    Default

    Quote Originally Posted by Migs-se View Post
    What does HOA stand for, please?
    As above.
    Hidden Content
    Hidden Content - "I am Quiet, I am the absence of words."

  11. Saying Thanks:

    Migs-se (September 12th, 2018)  

  12. #8
    Senior Member
    Deep x Techno
    chazysa's Avatar
    Join Date
    Jan 2015
    Location
    Sandton, Gauteng, South Africa
    Posts
    416
    Game IDs
    Experience

    Default

    @SauRoN - Using a Public IP resolved the issue.

    For my limited understanding here, is this actually secure?

  13. Saying Thanks:

    SauRoN (September 17th, 2018)  

  14. #9
    Gaming Wizard
    No.1 Pose
    SauRoN's Avatar
    Join Date
    Nov 2007
    Location
    Cape town
    Posts
    26,248
    Game IDs
    Experience

    Default

    Quote Originally Posted by chazysa View Post
    @SauRoN - Using a Public IP resolved the issue.

    For my limited understanding here, is this actually secure?
    As long as you have a firewall in place your connection is as good as anyone else’s.

    Literally the same as any person on ADSL or fibre.
    Hidden Content
    Hidden Content - "I am Quiet, I am the absence of words."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •