I’m trying to enable remote access in a double-NAT situation. I’ve recently gotten AT&T fiber with a BGW320 gateway. Behind this is my old Buffalo AirStation broadband router running DD-WRT. I’ve verified that there is no CGNAT - the external IP of the gateway is my public IP.
The gateway is using subnet 192.168.1.x, while the AirStation is using 192.168.11.x.
I’ve set up the Plex server with a fixed IP on the AirStation, and the AirStation with a fixed IP on the gateway. I’ve created a port forwarding rule on the AirStation that maps 49200 external to 32400 on the Plex server. I’ve enabled port forwarding on the gateway so that all external traffic should be routed directly to the AirStation.
The Plex server has remote access turned on, and I’ve manually set the public port to 49200. With this setup, I can’t access the Plex server directly using the Plex app on my Samsung GS9 when I’m on 4G. I can only get a relayed connection. And the same is true with my laptop, using plex.tv/web, if I connect it to the gateway’s wifi (i.e. in the DMZ). Only devices on the internal subnet can connect directly with the Plex server.
In your at&t router instead of creating a port forwarding, just choose the option DMZ e put there the ip if your ddwrt. Once that’s done, all requests will be sent directly to the ddwrt router. On your ddwrt just create a port redirect there as if it was directly connected to the internet.
Another thing if your tv and server are on different networks, you’ll need to add your TV’s network to settings > network > lan networks
In the BGW320, there isn’t any DMZ option. It’s now been renamed to port forwarding. This doesn’t mean a specific port, it means all ports get forwarded. I have this turned on already, but no luck.
Yes, I have set up a static IP for the DD-WRT router on the gateway. The IP passthrough uses a MAC address, not an IP, so that’s been set to the DD-WRT’s MAC address.
Just as a test, enable remote management on your ddwrt and try to access it using your cellphone connected to 4g. If it opens than the ip passthrough is working
Great suggestion, thanks. I cannot access the DD-WRT via remote management from the public internet. I can, however, access it from within the DMZ by connecting to the gateway’s wifi. So… apparently the IP passthrough isn’t doing what it’s supposed to.
You should disable the wireless on the AT&T gateway if your intention is to pass through everything to your AirStation. It will just cause interference with your AirStation wireless
For the IP Passthrough, what do you have set for
Allocation Mode
Default Server Internal Address
Passthrough Mode
Passthrough DHCP Lease
I am going to assume the Passthrough Fixed MAC address is correctly set to your AirStation.
Passthrough Fixed MAC address: Either choose your AirStation from the list, or manually type it in (Mine is manually typed)
Passthrough DHCP Lease: You can leave it at the default (10 minutes)
Additionally, go to Home Network → Subnets & DHCP
Configure the following settings:
Public Subnet Mode: Off
Allow Inbound Traffic: Off
Cascaded Router Enable: Off
Be sure to power cycle both the AT&T box and the AirStation after saving these settings.
These are the settings I have configured. Again you should really consider disabling the Wi-Fi on the AT&T box. When connected to your AirStation wireless, you can still connect to the AT&T box using 192.168.1.254
Update the subnet settings, power cycle the network gear and try again.
192.168.1.254 should the default IP of the AT&T box, is this true for your setup or has it changed to something different?
You should be able to ping the AT&T gateway from your internal network.
I have a Ubiquity network set up with a 10.0.1.X subnet and have no issues reaching the AT&T box. (I previously had an AirPort Extreme which defaulted to that 10.0.1.X subnet, so I kept it that way to preserve my IP reservations.)
I reviewed that article. I got the IP passthrough working, but not by doing what it said. Basically, my setup was exactly what that article says, except I haven’t turned off the wifi on my AT&T gateway. As you know, that wasn’t working. Then, I tried removing the fixed IP allocation from the gateway to my DD-WRT and restarted everything. All of a sudden, the WAN IP of the DD-WRT became my public IP! Not only that, but IP passthrough works, both with remote admin of the DD-WRT and with my Plex server.
But one issue remains: I’m still unable to see 192.168.1.254 (the gateway) from my internal network (192.168.11.x). This means I can only administer the gateway by connecting a device directly to it. Strangely, there’s no problem going the other way - a device connected to the gateway wifi can see any IP on the 192.168.11.x subnet. I would love to get this resolved so that I can turn off the wifi.
If it’s an option for you, just hardwire a computer to the AT&T gateway, disable the wireless, and leave it be. In the almost 4 years I’ve had fiber I have only accessed the gateway once on the initial setup. As long as you are able to hardwire a device to the gateway when needed, I don’t think it’s crucial to get it working as long as everything else works.
Plus, there should be connectivity both ways since they are directly connected, fisically and logically. This should be another at&t “feature”.
But as stated, once the DMZ is created there’s really no need to have access to the gateway. Enjoy your Plex
