NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

seachellemz's avatar
seachellemz
Aspirant
Nov 21, 2022

Orbi w/XFI and Port Forwarding

I have an Xfinity XFI Gateway front-ending an Orbi Mesh Network.  I have a web server that I am hosting on my network.  Right now I am unable to access my website from outside of my network.  Here is...
Troubleshooting
CrimpOn's avatar
CrimpOn
Guru - Experienced User
Nov 21, 2022

If the gateway is really in bridge mode, then port forwarding rules are not relevant. Could you try an experiment and use a different port number (as a test) 

CrimpOn's avatar
CrimpOn
Guru - Experienced User
Nov 21, 2022

Could you specify the exact model of Xfinity xFi gateway (there appear to be several).  I'd like to find the user manual and see how Xfinity describes Bridge Mode. 

 

Your hunch is entirely correct that a typical "Double NAT" makes exposing servers to the internet very difficult.  There are several common solutions:

  • Place the ISP device into Bridge Mode.
    Leave the customer router in router mode.
    Create port forwarding rules on the customer router.
  • Leave the ISP device in router mode.
    Place the customer WiFi equipment in Access Point (AP) mode.
    Create port forwarding rules on the ISP router.
  • Leave the ISP device in router mode.
    Put the customer router in the ISP router DMZ.
    Create port forwarding rules on the customer router.
  • Leave the ISP device in router mode.
    Create port forwarding rules on the ISP router to forward to the IP address of the customer router.
    Create port forwarding rules on the customer router to forward to the local server.
    I have done this successfully, but it is cumbersome and tedious.  If "nothing else works".... maybe.
    (I just did it to verify that it is possible.  I actually forwarded ports through three routers.)

I asked about trying a different port because 443 is sort of "special".  The Orbi router accepts connections on port 443 for the Orbi web browser interface.  I have successfully forwarded port 80 through my Orbi router, but do not currently have a web server that I can expose to the internet for a test.

  • CrimpOn's avatar
    CrimpOn
    Guru - Experienced User
    Nov 21, 2022
    CrimpOn wrote:

    I asked about trying a different port because 443 is sort of "special".

    Remembered that my security cameras have a web server that can be set to both  http (80) and https (443).  Forwarded port 443 through the router to the camera. Disconected phone from WiFi to use LTE and web browser connected to camera. (web interface unusable on the tiny phone screen, but it certainly connected.)

     

    Plus Shields Up! reported port 443 "open" which it does only if a device on the LAN actually responds to a connection request.
    https://www.grc.com/shieldsup 

     

    The xFi router does not appear to be in Bridge Mode.  Would either call Xfiinity to get help (and maybe very frustrated) or put the Orbi in the xFi router DMZ.