NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
NAT loopback on Orbi
based on this kb post the router supports the NAT loopback configuration: https://kb.netgear.com/000049578/Which-NETGEAR-routers-support-NAT-loopback can anyone share the config steps?
There are two topics here: NAT Loopback and forwarding port 8090 to that server at 10.0.0.100
NAT Loopback
Any device on the 10.0.0.x LAN can reach the server directly using the IP address 10.0.0.100.
NAT Loopback will work as well:
- On the Orbi, forward port 8090 to 10.0.0.100
- Learn the WAN IP address of this Orbi, which should be 192.168.1.??
- Attempt a connection to that 192.,168.1.?? address on port 8090.
- The Orbi router will say, "oh, my. 192.168.1.?? is not out on the internet somewhere, it is me."
It will use NAT Loopback to redirect the connection to itself, and then port forwarding will send the connection to the server.
Reaching the Server from the Internet
This can be achieved by using two Port Forwarding rules.
- On the Orbi, forward port 8090 to 10.0.0.100
- On the upstream router, forward port 8090 to the Orbi's WAN IP address (192.168.1.??)
- When a connection arrives from the internet to the upstream router's public IP address:port 8090, that router will say, "aha. connections to port 8090 go to 192.168.1.??) and forward the connection to the Orbi.
- The Orbil will say, "aha, connections to port 8090 go to 10.0.0.100" and forward the connection to the server.
- I have done this. The key is that you must be able to set port forwarding rules on that upstream router.
NAT Loopback is an integral part of the Orbi firmware. There is no configuration.
As an example, suppose that I have created a Port Forwarding rule to direct http (port 80) connections to my public IP address to a local web server at 192.168.1.30 and my public IP address is 172.249.113.238.
If anyone on the internet attempts to connect to http://172.249.113.238, they get put through to my web server. If a device on my local LAN connects to the same public IP address and port (http means port 80), they will get connected to the same web server. This is NAT Loopback. The key is that the Port Forwarding rule connects port 80 with 192.168.1.30. No Port Forwarding means no NAT Loopback.
(I just verified that this is the case.)
hi CrimpOn, can you confirm your firmware version and model? Also do you have any special configuration for the ACL?
Before posting, I tried exactly the same you described, the only difference is that I used a different port (8090) for HTTPS
Im attaching a picture with my firmware into.
Before posting, I tried exactly the same you described, the only difference is that I used a different port (8090) for HTTPS
Im attaching a picture with my firmware into.
I have the RBR50, running V2.7.3.23 (a beta version I was given by Netgear) Pretty certain that the changes from V2.7.3.22 would not affect NAT loopback. (see attached)
I notice that your Orbi has a LAN IP address of 10.0.0.1. Unless you chose this IP deliberately, that is unusual. The Orbi typically picks 192.168.1.x for the local LAN and changes to 10.0.0.1 when the device it is connected to gives the Orbi an IP in the 192.168.1.x range.
For NAT loopback to work, you have to specify the WAN IP of the Orbi.
Can you please double check that the WAN IP of the Orbi is the same IP that is reported by one of the "What is my IP?" web sites?
I'm behind a double NAT, (which I know is not ideal) so that is part of the reason why I changed my LAN IP scheme. So I can understand how this could interfere with my ability to reach the service from the internet. However, do you think this could also affect if I try to reach the service from my LAN?
To give a bit more of context, my LAN is completely flat and I have a home server that for the purposes of this example let say it's 10.0.0.100 running a few services, my main router upstream all to a second router with a 192.168.1.0/24 scheme which provides the internet access.
I was attempting to use a dynamic DNS address with the hope that when I reach to something like xxx.ddns.net:8090 I could access my services regardless if I was connected to my LAN or outside of it.
with this in mind anything I should try to make this work?
There are two topics here: NAT Loopback and forwarding port 8090 to that server at 10.0.0.100
NAT Loopback
Any device on the 10.0.0.x LAN can reach the server directly using the IP address 10.0.0.100.
NAT Loopback will work as well:
- On the Orbi, forward port 8090 to 10.0.0.100
- Learn the WAN IP address of this Orbi, which should be 192.168.1.??
- Attempt a connection to that 192.,168.1.?? address on port 8090.
- The Orbi router will say, "oh, my. 192.168.1.?? is not out on the internet somewhere, it is me."
It will use NAT Loopback to redirect the connection to itself, and then port forwarding will send the connection to the server.
Reaching the Server from the Internet
This can be achieved by using two Port Forwarding rules.
- On the Orbi, forward port 8090 to 10.0.0.100
- On the upstream router, forward port 8090 to the Orbi's WAN IP address (192.168.1.??)
- When a connection arrives from the internet to the upstream router's public IP address:port 8090, that router will say, "aha. connections to port 8090 go to 192.168.1.??) and forward the connection to the Orbi.
- The Orbil will say, "aha, connections to port 8090 go to 10.0.0.100" and forward the connection to the server.
- I have done this. The key is that you must be able to set port forwarding rules on that upstream router.