NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

silentk's avatar
silentk
Aspirant
Sep 04, 2022

Is NAT loopback supported on Netgear Orbi RBKE963

Hi all,   First time posting here, nice to meet you all.   I want to purchase a Netgear Orbi RBKE963 or the B (black) version. I have one specific requirement:   - Does it support NAT loopback?...
Hardware
Troubleshooting
DodgeDeBoulet's avatar
DodgeDeBoulet
Apprentice
Sep 05, 2022

do not believe the RBKE963 supports NAT loopback. That was something my previous router, a NetGear R9000 (running dd-wrt, not Netgear's firmware), did support and I was a bit dismayed when it went away upon installation of the Orbi. It wasn't a tragic loss, though, as I only needed to to monitor webcams from my phone when away from home; I had other means to monitor them while in the house.

 

The remainder of this reply is sort of a rant, so if you're satisfied with the answer, don't feel obligated to read on 😉

 

My travails with the RBKE963 have forced me to eliminate it as the internet gateway. I'm still using it, but in AP mode. My router is now an OPNSense firewall running on a Dell 7040 SFF PC and I'm absolutely in love with its feature set.

 

Prior to installing the firewall, I was rebooting the router (RBRE) every 5 to 7 days as IoT devices (smart plugs, switches, appliances, webcams) would randomly drop off the network and refuse to reconnect. A reboot would resolve the issue for another 5 to 7 days.

 

It's been more than 3 weeks since I installed the firewall and switched the RBRE to AP mode and I haven't had to reboot once.

 

OPNSense does support hairpinning/loopback and provides a wealth of configuration, management, VPN and reporting options that just don't exist in NetGear's consumer product line. Total cost for the firewall hardware was US$180 (eBay), and the software is free.

 

There are other options for getting what you want while retaining the Orbi as a router (split DNS using a dedicated DNS resolver such as a PiHole, for example), but they all require dedicated (or at least separate, always-on) hardware.

  • CrimpOn's avatar
    CrimpOn
    Guru - Experienced User
    Sep 05, 2022
    DodgeDeBoulet wrote:

    do not believe the RBKE963 supports NAT loopback. That was something my previous router, a NetGear R9000 (running dd-wrt, not Netgear's firmware), did support and I was a bit dismayed when it went away upon installation of the Orbi. It wasn't a tragic loss, though, as I only needed to to monitor webcams from my phone when away from home; I had other means to monitor them while in the house.

    Could you please describe the specific test which verified that NAT Loopback is not supported on the RBKE963?

     

    For example, on my RBR50 I forwarded HTTP to 192.168.1.4 (an Epson printer), opened Edge, entered http://<my public IP address> and up popped the printer web page.  What was your test?

    • DodgeDeBoulet's avatar
      DodgeDeBoulet
      Apprentice
      Sep 05, 2022

      I configured my phone to connect to my web cams via the public IP and ports, after creating the appropriate NAT rules in the Orbi configuration. I could not connect while attached to the WLAN, but could connect via WAN/4G/5G.

       

      With the new firewall and corresponding NAT rules (and hairpinning enabled) I am able connect using the public address from both WLAN and WAN.

      • CrimpOn's avatar
        CrimpOn
        Guru - Experienced User
        Sep 05, 2022

        Thanks for the explanation.  Disappointing to be sure. ☹️

         

        I had considered using port forwarding to provide access to security cameras and decided it was "too much detail" for me.  Since any given port (or range of ports) can be forwarded to only one internal IP, that meant I would have to define (and remember) separate external port numbers for each camera that would forward to the internal port number on different internal IPs.

         

        Such as, supposing the internal port was 9000:

        • Camera 1 would be public IP port 9001 forwarded to internal IP port 9000
        • Camera 2 would be public IP port 9002 forwarded to internal IP port 9000
        • Camera 3 would be public IP port 9003 forwarded to internal IP port 9000
        • and so on.

        While I am OCD enough to have worked this out and created browser bookmarks for each camera, I was already using the manufacturer's "cloud app" when away from home, so being able to access cameras from home with both LAN IP and NAT Loopback just wasn't worth the effort.  I only use NAT Loopback to verify that port forwarding is working.

         

        Appreciate you taking the time to report your results.  This still begs the question of why Netgear would remove a feature that existed in every previous router model.