Double NAT, workaround?

Hi there,

This has probably been asked before, and I tried to find the answer among many threads about double NAT. But most seem to be about setting up port forwarding.

So I am in the situation that my ISP is supplying my whole apartment complex with a fiber line, on that line is a router to separate all apartments, and also it will give each apartment a local IP. However since I don’t have access and cannot get the ISP to forward me ports, I am unfortunately without luck for a direct connection. I simply don’t have an external IP I can connect to.

My ISP’s solution to this is that I have to buy a direct IP, which costs 50% of what the connection costs each month, so not really a big fan of that solution.

Is there any way to make a tunnel out?

The only real solution I know is to use a VPN to tunnel out.

Can you explain how you connect to the complex router? Do you have a router too? Can you connect a switch? Does your complex assign an IP to your apt? If a switch is connected, do you get multiple IP addresses?

@MonoTovarisj said:
Hi there,

This has probably been asked before, and I tried to find the answer among many threads about double NAT. But most seem to be about setting up port forwarding.

So I am in the situation that my ISP is supplying my whole apartment complex with a fiber line, on that line is a router to separate all apartments, and also it will give each apartment a local IP. However since I don’t have access and cannot get the ISP to forward me ports, I am unfortunately without luck for a direct connection. I simply don’t have an external IP I can connect to.

My ISP’s solution to this is that I have to buy a direct IP, which costs 50% of what the connection costs each month, so not really a big fan of that solution.

Is there any way to make a tunnel out?

No practical solution for you.
You could have an ssh tunnel or VPN, those solutions bring problems.
I would personally recommend to bite the bullet and have your own ip.

Certain apps support the relay function which basically does the tunnelling for you. While you will be limited to 2Mbps it still is the simplest solution.

You can read up here for more info: https://support.plex.tv/hc/en-us/articles/216766168-Accessing-a-Server-through-Relay

@mavrrick said:
Can you explain how you connect to the complex router? Do you have a router too? Can you connect a switch? Does your complex assign an IP to your apt? If a switch is connected, do you get multiple IP addresses?

Yes, the “isp” has a router in our building that has the fiber, and then they run one external IP address on that router; every apartment under this router gets up to four local IP addresses. I then have my own router that runs my own local network, partly to get wifi but also to be able to have more than 4 devices.

@drzoidberg33 said:
Certain apps support the relay function which basically does the tunnelling for you. While you will be limited to 2Mbps it still is the simplest solution.

You can read up here for more info: https://support.plex.tv/hc/en-us/articles/216766168-Accessing-a-Server-through-Relay

Interesting, do you know which apps, and how I set it up? I could easily live with 2 Mbps.

Do you know if the router from the ISP has UPnP enabled? If so, you may be able to have a device attached to that and set up a UPnP mapping on the edge router to your router. Then you just have to forward that port to your server. A little kludgy and another piece of hardware that could fail and prevent access, but it is possibly a solution.

Is your IP range static to your apt? I mean, do you only get the same 4 IP addresses every time?

@mavrrick said:
Do you know if the router from the ISP has UPnP enabled? If so, you may be able to have a device attached to that and set up a UPnP mapping on the edge router to your router. Then you just have to forward that port to your server. A little kludgy and another piece of hardware that could fail and prevent access, but it is possibly a solution.

Is your IP range static to your apt? I mean, do you only get the same 4 IP addresses every time?

I have no access at all to the ISP router, and the ISP’s only solution is letting me pay for an external IP.

But will the router accept a request to set up UPnP port forwarding?

Hmm, how would that work without access?

@mavrrick said:
But will the router accept a request to set up UPnP port forwarding?

With double NAT, the internal router (behind the external facing router) doesn’t request a port, so in the external router you have to set up a manual port forward in it that points to the internal router.

UPnP is a technology that allows a PC to request a port forwarding dynamically. If he connects a PC directly to the fiber router he potentially could request that forward to be enabled. Then if he knows he gets a specific IP he could request the router to forward a specific port to go to his router. Once that is done simply forward that port to his server and all is well. This only works if the router allows UPnP, which most do by default and is good to leave enabled for a lot of stuff to work that isn’t like Plex.

@mavrrick said:
UPnP is a technology that allows a PC to request a port forwarding dynamically. If he connects a PC directly to the fiber router he potentially could request that forward to be enabled. Then if he knows he gets a specific IP he could request the router to forward a specific port to go to his router. Once that is done simply forward that port to his server and all is well. This only works if the router allows UPnP, which most do by default and is good to leave enabled for a lot of stuff to work that isn’t like Plex.

So why is the internal router not able to request the port to be opened over UPnP?

@MonoTovarisj said:

@mavrrick said:
UPnP is a technology that allows a PC to request a port forwarding dynamically. If he connects a PC directly to the fiber router he potentially could request that forward to be enabled. Then if he knows he gets a specific IP he could request the router to forward a specific port to go to his router. Once that is done simply forward that port to his server and all is well. This only works if the router allows UPnP, which most do by default and is good to leave enabled for a lot of stuff to work that isn’t like Plex.

So why is the internal router not able to request the port to be opened over UPnP?

Because a router WAN port does not request port openings. This is why there are only two real fixes for double NAT - turn the external router into a modem only, or port forward the external and internal routers.

@MonoTovarisj said:

@mavrrick said:
UPnP is a technology that allows a PC to request a port forwarding dynamically. If he connects a PC directly to the fiber router he potentially could request that forward to be enabled. Then if he knows he gets a specific IP he could request the router to forward a specific port to go to his router. Once that is done simply forward that port to his server and all is well. This only works if the router allows UPnP, which most do by default and is good to leave enabled for a lot of stuff to work that isn’t like Plex.

So why is the internal router not able to request the port to be opened over UPnP?

The simplest answer is that a router is supposed to be the cop on your network. It is supposed to be the edge device that separates you from the Internet. If that is always the case you never would have a double NAT condition. The problem is that the Internet is running out of IPv4 addresses and so network providers are using NATs to expand their network beyond the IP range they own to provision.

The real solution would be to move to IPv6, which wouldn’t have this issue. That can have other difficulties though.

Would I be able to just use a Raspberry Pi or something to request the open port? Or would I have to route all my data through that device?

No. You can’t spoof the system that way.

If there is a way for the Raspberry Pi to request via UPnP to create the port forwarding, that is what I was suggesting. You would just need to make sure your router’s IP is the same each time.

In my attempt to resolve there are two things attached to the ISP router: your router, and then a machine of some sort to request the UPnP port forward. Your router would need to have a static IP so that it doesn’t change. Then use the other device to request the port forwarding rule via UPnP. Then in the router configure the forwarded port to go to the internal system running PMS. In theory, if you can get a static IP for your server and request the port forwarding via UPnP, then this should work. Don’t forget this is theory; sometimes application will prove it isn’t as viable. The other issue is UPnP isn’t always as reliable as it should be.

Hey mavrrick, thank you for the theory, but I don’t think I have the technical knowledge nor the patience to set something like this up, but I found it very interesting. I think my solution would be to use relay when it gets a bit more hours on the hood, or pay for getting an external IP.

In case you are interested in taking this further, a UPnP port mapper can be found at https://github.com/kaklakariada/portmapper
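
An added example, not written by any poster in this thread: a way to confirm the double NAT discussed above by counting the non-public hops at the start of a `traceroute -n` run, including the carrier-grade NAT range (100.64.0.0/10) that ISPs use when they run short of IPv4 addresses. The function names and every address in the sample are constructed, and treating each leading private hop as one NAT layer is a heuristic, since a private hop can also be a plain routed segment.

```python
import ipaddress
import re

# Ranges that are never routed on the public Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 carrier-grade NAT space
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def classify(addr):
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in RFC1918):
        return "private"
    return "cgnat" if ip in CGNAT else "public"

def parse_hops(text):
    """Hop addresses in order from `traceroute -n` output; None for '* * *'."""
    hops = []
    for line in text.splitlines():
        m = re.match(r"\s*\d+\s+(.*)", line)  # hop lines start with a hop number
        if m:
            ip = IPV4.search(m.group(1))
            hops.append(ip.group(0) if ip else None)
    return hops

def diagnose(text):
    """Heuristic: each non-public hop before the first public one is a NAT layer."""
    layers = []
    for hop in parse_hops(text):
        if hop is None:
            continue  # unanswered hop, cannot be classified
        kind = classify(hop)
        if kind == "public":
            break
        layers.append((hop, kind))
    verdict = {0: "no NAT", 1: "single NAT"}.get(len(layers), "double NAT")
    return verdict, layers

# Constructed sample: own router, then the building router, then the ISP.
# 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges standing in
# for public hops.
SAMPLE = """traceroute to 198.51.100.7 (198.51.100.7), 30 hops max, 60 byte packets
 1  192.168.1.1  0.61 ms  0.48 ms  0.45 ms
 2  10.20.0.1  1.92 ms  1.71 ms  1.80 ms
 3  * * *
 4  203.0.113.1  4.10 ms  3.95 ms  4.02 ms
 5  198.51.100.7  9.33 ms  9.21 ms  9.40 ms
"""

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

Two or more layers means a port forward on your own router alone cannot make the server reachable from outside, which is the situation described in this thread.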