We recently "upgraded" our Internet service with ATT. Will putting the Orbi in Access point mode only also help? This story, "How to identify and resolve double-NAT problems" was originally published by Double NAT isn’t necessarily a problem. Cookies help us deliver our Services. Press J to jump to the feed. I already mentioned how to quickly tell if an ISP’s gateway has NAT and routing capabilities, but you might also want to see if double NAT is actually happening before spending time on the issue. If you’ve confirmed you have double NAT, there are ways to fix it. You should avoid double NAT'ing when at all possible, but what it boils down to for me is that the USG is a much better device all around than the Arris, so I want the Arris out of the picture as much as possible. Read our, Learn more about PCWorld's Digital Editions. I already had my router, and for the price that I paid for it, I wasn’t going to use their equipment to do my networking. Then use the Orbi router in router mode. Furthermore, you should also see if you can establish an IP address reservation for your router, so your gateway always gives the same private IP address to your router. It should also be noted that the BGW210 only has 8k NAT entries, ... get my Plex server to work correctly because of the double NAT. Enabled 'Use Router as DHCP server' with LAN IP address of More evidence of a double NAT situation: My router's WAN IP address is private, not public. Behind each public IP, there can be hundreds of devices with their own private IP addresses, thanks to NAT. Find the Port Forwarding Section. If you see two private IP addresses listed in the first two hops then you have double NAT. IP-passthrough as you've discovered involves an extra NAT step. TechHive. Previously I used iptables to provide a 1 to NAT translating between public and private IP addresses. Sometimes gateways will detect double NAT and automatically fix the issue for you. If you see only one private address and the second hop shows a public address, then you’re all good. I did not set an IP Address Allocation for the ASUS router. PCWorld helps you navigate the PC ecosystem to find the products you want and the advice you need to get the job done. If you want to avoid the extra NAT, putting the Orbi in AP mode would probably do it. How you can fix it. Double NAT isn’t necessarily a problem. Here’s what that could look like: Bridge mode. There are also ways of bypassing the AT&T router, but they're more complicated. This will disable the gateway’s NAT, firewall, and DHCP functions and reduce it to a simple internet modem. and I'm more then willing to give yah some helpful tips on whats going in your network setup. If you see an address in the 10.x.x.x or 192.168.x.x range (both of which are private) it means that the device your router's WAN port connects to is doing NAT, and hence, you're dealing with double NAT. Double NAT. One quick way that usually shows if double NAT exists is a traceroute, which allows you to ping a server or device on the internet and see the path it takes between routers and servers. Will solve double NAT issue Should be easier than figuring out to port forward with the darn provided gateway I tried for hours attempting to get my remote access for Plex working through the AT&T provided gateway. If there’s only one Ethernet port, it’s likely a simple modem (aka a broadband gateway). This screenshot shows how I’ve configured my router for port forwarding, so that I can use remote SSH (Secure Shell) on a server on my local network. The digital world is all about IP (internet protocol) addresses. The BGW210 doesn't have a bridge mode, just IP-passthrough. To check for double NAT on your network, log into your router and look up the IP address of its WAN port. This can also result in performance issues if you play online games or use port forwarding rules and UPnP. I can’t do that if my gateway is also performing NAT (network address translation). If you don’t see it, search the internet for details on your particular model, or call your ISP’s tech support. Note: When you purchase something after clicking links in our articles, we may earn a small commission. anyone help here? If you’re a power-user and you can’t part with your fancier router, then this option probably isn’t for you. It seems like the passthrough mode may not be working properly... or the BGW210 is still doing some NAT work somehow. IP-passthrough as you've discovered involves an extra NAT step. Another way to check for double NAT is to connect to your router’s web-based GUI and see if the WAN (internet) IP address is private or public. 2. If it’s a private address then you have double NAT. however still not working as tracert to still shows (orbi) and (Arris) as 1st 2 hops, idk what else to do. This will basically turn your router into a switch, and any computers connecting through the router (either wired or wirelessly) will get NAT, firewall, and DHCP from the ISP’s gateway. ATT BGW210 iptables 1 to 1 NAT. He’s also the founder of NoWiresSecurity, which provides a cloud-based Wi-Fi security service, and Wi-Fi Surveyors, which provides RF site surveying. Another option for eliminating double NAT while keeping a ISP gateway and your router is to run an ethernet cable from the gateway to one of your router’s LAN ports instead of the router’s WAN (internet) port. If you’d like to keep your router, see if you can put the ISP’s gateway into bridge or passthrough mode. Other network services are also typically offered, like DHCP (dynamic host control protocol) to give out the private IP addresses to devices that connect to the local network. This is a good option if you’re using a secondary router to get better Wi-Fi or because you need more ethernet ports. More evidence of a double NAT situation: My router's WAN IP address is private, not public. You will notice that if you plug a router into the BGW210, it will not work, and if it does, your devices will be Double NAT (being routed through 2 routers, and hitting each of their respective ‘firewalls’.) Services like these sometimes require certain ports to be opened in the router’s firewall and directed to a particular computer or device on the network. This would include online gaming on computers or consoles, remote desktop into your computers, connecting to a VPN server, or accessing security camera feeds. first things first lets debunk the myth that buying two separate routers is going to fix your problem, the actual problem is that the provided gateway most likely only supports one gaming console with an open nat. More evidence of a double NAT situation: My router's WAN IP address is private, not public. If you’ve confirmed you have double NAT, there are ways to fix it. Configure the modem for transparent bridge mode. My Arris gateway from TimeWarner (Spectrum) has its NAT options in the LAN settings, but other vendors may have it in the WAN or another area. Addresses outside of these ranges would be public (internet) addresses. Or even if the first router has the port forwards, it can’t forward the traffic to a device that’s connected to the second router. For the two ways I’ll show you how to detect a double NAT situation, you’ll need to check your IP addresses and know if they’re private or public.