Double NAT
-
I recently switched ISP and found that much of my local network is no longer useable from outside the home. All I did was swap the Ethernet from one to the other. We've since figured out the the new ISP has me behind a NAT. They claim they don't have enough public available. I'm curious if pfSense has any option to help me get my VPN functional again as well as Plex. These are my big issues.
-
crazy thought haven't played or tried maybe ipv6 tunnel and hit it using static ipv6 addresses ??
-
They put me on a public IP but left the modem in nat mode. Incoming traffic for vpn still doesn't work. We're both stumped. He says everything is being passed unfiltered. I don't know whats differant between the ISPs. All I did was move the ethernet cable over. There is/was nothing blocked on my end. It went from working to not working at the move of a cable. Any thoughts?
-
Is the WAN address on your pfSense box a public or private space IP address?
-
Not sure… This is what the dashboard widget reports: WAN_DHCP
192.168.254.xxx I suspect it's private. -
Yep thats private. Your double NATted.
-
They put me on a public IP but left the modem in nat mode. Any thoughts?
Ok now I read this correct..
Your modem either has to be put into bridge mode (best).. or you have to port forward everything (look up DMZ) to your pfsense box wan address. (not so much the best)
-
That's what I thought and when he put it in bridge mode everything died. I'm beginning to think these guys are incompetent!
-
Remember- When he puts it in bridge mode you need renew your WAN address.. Unplug the WAN cable and replug after a few seconds should do it.
What kind of internet do you have?
-
I had Time Warner Cable and it worked great. I switched to a new company that gave better speed and better price. So far I'm not seeing the speed and the connection has been limited with this NAT issue. The new guy is redzonewireless.com
-
What modem do they have you on? Is it a 4G solution or one of their wireless nodes?
When the modem is put in bridge mode what IP does your pfSense box get handed??
-
I'm on a telrad lte modem. The ip is as noted above.
-
If its the same address in bridge mode it wont work unless their stuff port forwarded everything to your stuff. That address is non routable.
Im assuming your running a VPN server on your end?
If its a client you should have no problems..
-
In bridge mode you may be responsible of everything that is above OSI L1 and that may include authenticating to the network.
If they are connecting you via a PPPoE connection you will need to configure your WAN internface to supply the credentials of the connection.
In routed mode the provider's router is the one that does all that stuff but in bridge mode all that may be your responsability.
-
They found the problem. There was a box in the telrad modem called ip pass thru that needed to be checked. It doesn't fully solve the problem however. A port scan on my ip shows all ports closed despite me having some open. PfSense is one that can't be accessed from the public internet and it could on the twc modem. They claim nothing is being blocked.
