NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
juansolanop
Oct 21, 2021Aspirant
NAT loopback on Orbi
based on this kb post the router supports the NAT loopback configuration: https://kb.netgear.com/000049578/Which-NETGEAR-routers-support-NAT-loopback can anyone share the config steps?
- Oct 25, 2021
There are two topics here: NAT Loopback and forwarding port 8090 to that server at 10.0.0.100
NAT Loopback
Any device on the 10.0.0.x LAN can reach the server directly using the IP address 10.0.0.100.
NAT Loopback will work as well:
- On the Orbi, forward port 8090 to 10.0.0.100
- Learn the WAN IP address of this Orbi, which should be 192.168.1.??
- Attempt a connection to that 192.,168.1.?? address on port 8090.
- The Orbi router will say, "oh, my. 192.168.1.?? is not out on the internet somewhere, it is me."
It will use NAT Loopback to redirect the connection to itself, and then port forwarding will send the connection to the server.
Reaching the Server from the Internet
This can be achieved by using two Port Forwarding rules.
- On the Orbi, forward port 8090 to 10.0.0.100
- On the upstream router, forward port 8090 to the Orbi's WAN IP address (192.168.1.??)
- When a connection arrives from the internet to the upstream router's public IP address:port 8090, that router will say, "aha. connections to port 8090 go to 192.168.1.??) and forward the connection to the Orbi.
- The Orbil will say, "aha, connections to port 8090 go to 10.0.0.100" and forward the connection to the server.
- I have done this. The key is that you must be able to set port forwarding rules on that upstream router.
juansolanop
Oct 25, 2021Aspirant
I'm behind a double NAT, (which I know is not ideal) so that is part of the reason why I changed my LAN IP scheme. So I can understand how this could interfere with my ability to reach the service from the internet. However, do you think this could also affect if I try to reach the service from my LAN?
To give a bit more of context, my LAN is completely flat and I have a home server that for the purposes of this example let say it's 10.0.0.100 running a few services, my main router upstream all to a second router with a 192.168.1.0/24 scheme which provides the internet access.
I was attempting to use a dynamic DNS address with the hope that when I reach to something like xxx.ddns.net:8090 I could access my services regardless if I was connected to my LAN or outside of it.
with this in mind anything I should try to make this work?
CrimpOn
Oct 25, 2021Guru - Experienced User
There are two topics here: NAT Loopback and forwarding port 8090 to that server at 10.0.0.100
NAT Loopback
Any device on the 10.0.0.x LAN can reach the server directly using the IP address 10.0.0.100.
NAT Loopback will work as well:
- On the Orbi, forward port 8090 to 10.0.0.100
- Learn the WAN IP address of this Orbi, which should be 192.168.1.??
- Attempt a connection to that 192.,168.1.?? address on port 8090.
- The Orbi router will say, "oh, my. 192.168.1.?? is not out on the internet somewhere, it is me."
It will use NAT Loopback to redirect the connection to itself, and then port forwarding will send the connection to the server.
Reaching the Server from the Internet
This can be achieved by using two Port Forwarding rules.
- On the Orbi, forward port 8090 to 10.0.0.100
- On the upstream router, forward port 8090 to the Orbi's WAN IP address (192.168.1.??)
- When a connection arrives from the internet to the upstream router's public IP address:port 8090, that router will say, "aha. connections to port 8090 go to 192.168.1.??) and forward the connection to the Orbi.
- The Orbil will say, "aha, connections to port 8090 go to 10.0.0.100" and forward the connection to the server.
- I have done this. The key is that you must be able to set port forwarding rules on that upstream router.
- juansolanopOct 25, 2021Aspirant
thank you! this makes a lot of sense. Based on my scenario, the upstream router must support NAT loopback as well for this to work. Correct?
- CrimpOnOct 25, 2021Guru - Experienced User
juansolanop wrote:
thank you! this makes a lot of sense. Based on my scenario, the upstream router must support NAT loopback as well for this to work. Correct?
No, I do not think this is correct. NAT Loopback from a device on your 10.0.0.x nerwork will be caught by the Orbi and never reach the upstream router. If you used the public IP address, rather than the 192.168.1.?? address, then Yes, that upstream router could use NAT Loopback to send the connection back to the Orbi, which would forward it to the server.
Forwarding internet connections to this server has nothing to do with NAT Loopback. Straight port forwarding all the way.
NAT Loopback is a convenient way to test port forwarding when there is only a single router, because using the Public IP address in a connection will look exactly like someone connecting from the internet.
- juansolanopOct 25, 2021Aspirant
As soon as I configure port forward in the upstream router everything started working from inside and outside my network. Thank you for all the help.