NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

FishDawg's avatar
FishDawg
Aspirant
Feb 12, 2022

Orbi NAT Hairpinning/Loopback Not Working

I have the Orbi RBR750 router. I set up port forwarding as well as dynamic DNS. Everything works as expected when connecting to servers on my local network using that DNS name and port number when c...
CrimpOn's avatar
CrimpOn
Guru - Experienced User
Feb 12, 2022

I can verify that NAT loopback works on the (older) RBR50 Orbi.  Some possibilities come to mind:

 

  • What port is being forwarded? I have a vague memory of certain ports being "special" to the Orbi router. (my memory is not that great.  On my RBR50 the 'drop down' menu for port forwarding includes http (80) does not include https(443).  Are you trying to forward 443?
    i.e. does the specific port number make a difference?
  • What DNS service is being used to resolve DNS names?  I just now attempted to reproduce this error on my RBR50, by forwarding port 80 to one of my Pi-hole servers.  My PC is not using Orbi to resolve DNS. (using CloudFlare and Google instead). Got some goofy error message that access to http://<my-DDNS-name> was denied.  What this appears to be was that somehow the DDNS request got 'NAT-looped' to my Pi-hole, which threw a fit. I swear that I have done this exact experiment before to demonstrate that NAT-loopback 'works'.  Now, I am confused (and unhappy).
  • Can the problem be duplicated on another Orbi 750?  Alas, only some nice volunteer who watches the forum and has a 750 could do this.
  • The 750 firmware may be broken.  There have been plenty of issues raised about the 750 firmware.  This might be yet another problem.  (Do I remember correctly that there is 'beta' firmware going around for the 750?)
FishDawg's avatar
FishDawg
Aspirant
Feb 12, 2022
Your comments got me thinking. Thanks for the suggestions. I tested out the things you suggested, but couldn't find an answer.
What port is being forwarded?
I tried a few ports and it didn't help.
What DNS service is being used to resolve DNS names?
I tried changing this and it didn't help.
  • CrimpOn's avatar
    CrimpOn
    Guru - Experienced User
    Feb 12, 2022

    I really meant to ask, "which port?"  as in 443? 80? what?

    The original post mention port(s), i.e. more than one.?

    • FishDawg's avatar
      FishDawg
      Aspirant
      Feb 20, 2022

      Yes, a bunch of ports including 80. The port number doesn't seem to make any difference.

      • CrimpOn's avatar
        CrimpOn
        Guru - Experienced User
        Feb 20, 2022

        Frustrating that I have only the RBR50.  I forwarded port 80 to my Pi-hole, then opened http://<<my public IP> on two Windows computer a smartphone, and a tablet attached to the Orbi WiFi.  All of them immediately brought up the Pi-hole web page.

         

        Now..... how did this happen? Was it

        • The request went out to the internet through the ISP and then came back through the ISP to my public IP and was forwarded to the Pi-hole?  or....
        • The Orbi recognized the public IP and did a NAT loopback?

        My guess is the way to determine this is to do a packet capture and compare wan.pcap file against lan.pcap file to see if that traffic ever left the Orbi.  I promise to do that tomorrow.

         

        However, attempts to bring up the Pi-hole using the DDNS failed every time with an error that the Pi-hole needed to be whitelisted.  I whitelisted the DDNS URL, but the error remained.

         

        I am beyond frustrated.  IP works from the local LAN.  DDNS does not work from the LAN.   (IP worked from a smartphone using LTE data and failed using DDNS.  Now, I don't know if this is related to Pi-hole, Orbi.... or what.)

         

        What a dismal situation.  Guess I need to set up another service to test in addition to Pi-hole.