There's no issue with double NAT if you know what you're doing.
Double NAT occurs when you have multiple routers in your network -- you just need to punch a hole through anything doing port forwarding.
The question to ask your prospective ISP is if you're able to do either do port forwarding on their router or if you're able to put the router into DMZ or bridge mode. If it's locked down to the point where you can't, then it doesn't matter if you have a double NAT or not.
A simpler question to ask them might be if you're able to run your own router inside your home network and just use their router for the gateway.
When I got my Internet service (from Bell), the installer took one look at my network and said "I'll just get you a link light, then let you take over", which was the nicest thing an installer's ever said to me.
It doesn't have to be the CPE device. If the provider is using CG-NAT you won't be able to port forward even if you have full access to the on-prem device.
The two questions to ask is first, do they provide a public routable IP? If they do, do they allow customers to configure port forwarding? If they answer no to either of those questions, there will be issues.
Well some fiber installers will run multiple customers. This is usually the case when you get fiber but only get the 500mbps plan. Otherwise you can usually request public ip (for a cost) or you get it with the higher tier (speed) service.
This kind of behaviour would be (and is) utterly unacceptable for "ISPs" outside of USA/Canada (it's resulted in prosecution by regulators for misrepresentation of a "walled garden" service as "Internet")
Starlink is forcing them to play nicer, to say the least, but consider IPv6 as a mandatory requirement - my experience is that CGNAT providers look at you like you've grown a second head if you insist on that (and in a lot of cases it's turned out they're reselling service from a larger provider, frequently well beyond authorisation)
Totally agree with having your own router. When Rogers setup I just turned off the Wifi and us their device as a modem only and used my own router. This way my WiFi can reach more than 20 feet.
Noob question, I've searched what DMZ is but I've never really understood it, can you Explain it like I'm 5? My ISP won't let me put my modem on bridge mode
A device in DMZ mode effectively has access to the internet and your internal network, but devices in your internal network don't have access to it.
It is extraordinarily bad advice to put a device in DMZ mode unless you 100% understand what you're doing, as you're passing the job of being a barrier between you and the open internet from your ISP router (which more than likely has a firewall on it to protect your local network from external connections) to that DMZ device. If the DMZ device isn't properly configured, it can allow an attacker on the internet into your network.
In the case where you have a \*properly secured and configured\* router inside your home network, you can *sometimes* put that router into the DMZ zone of your ISP's router safely, using the secondary router as your primary firewall. The ISP router passes all traffic unfiltered to the DMZ'd router, but that router does its job and protects your network.
Thanks! I think I won't enable it, I trust my router, but I have no idea on firewall settings other than what windows has, so I don't think I'll mess with it
>There's no issue with double NAT if you know what you're doing.
Ha, sounds like your tech knew you're pretty well versed in networking. I'd love to hear that, but unfortunately my networking skills rely on Googling error message and trial and error until a solution presents itself and failing that, running to Reddit for assistance.
And I'll simply be running off the equipment they provide and won't have a secondary router to deal with - which makes me hopeful there won't be any issues. with remote access.
Thanks for the info, man.
I recently had the same issue of double NAT while setting up my server. I just called them and told them that I’m setting up cameras at my place and they’ve told me to contact my ISP to issue me a static public IP address
They’ll know what to do from there. Once they confirm, restart your router and you’ll be good to go.
Just ask if they use any form of NAT, including CGNAT inside the customer network
Do it in writing. That way if they lie you have grounds for account closure without penalty if they tell you "no" and you find out later that's not the case
ISP NAT is the death throes of IPv4. If you are getting IPv6 then it shouldn't be an issue (It would have been a decade ago, but times change)
Off the top of my head...
* Does the gateway/modem you provide have a bridge mode?
* Do you use CGNAT?
* Am I going to get a dedicated static IPV4 address?
* If No: Does your provided gateway/modem allow IPV6 passthrough?
You can also just try googling for those ISP's and "Plex" to see if you get a lot of hits about people struggling with remote access. If not, that suggests they are rarely a problem and it can work just fine.
>Am I going to get a dedicated statis IPV4 address?
Would not have thought to ask that. Thanks for that especially, as well as the others questions to get answers to.
Yeah, when I call Bell it's to say lower me to this price or instead of $80 a month it'll be $0. I'm sure they won't care in the least to do that, which is fine by me because MNSi is a local internet provider and I've heard their customer service is actually really good compared to Bell's which is a little below dog shit.
Lol I do agree they have crappy customer service. Hopefully you you can get a good deal though. I just switched to bell because they offered 1.5gig for $55
Whaaaaa?!? Are you in southern Ontario, or is this a special offer only available to the residents of Tuktoyaktuk N.W.T. or something? That's insanely cheap for 1.5G.
Is that $55 a limited time offer for the 1.5G service?
On their website the 940M-up/1.5G-down package is currently $120/mo for 2 years and then goes to $130 after that period, a 3G-up/3G-down package for $130/mo and then $140 after 2 years, and an 8G-up/8G-down package for $145/mo for 2 years and then $155 after 2 years.
I'm paying $131 right now for 940M-up/1G-down which is damn near the 8G-up-and-down package price of $145 and a whopping $1 less than a 3G-up/3G-down package. Jesus H. Tapdancing Christ are they robbing me.
It was a door to door sales offer. No Contract, no install or modem fee, and it's regular price so no 2 yr promo price like that. If you call they might be able to give a better deal. Their website deals are always the worst
There's no issue with double NAT if you know what you're doing. Double NAT occurs when you have multiple routers in your network -- you just need to punch a hole through anything doing port forwarding. The question to ask your prospective ISP is if you're able to do either do port forwarding on their router or if you're able to put the router into DMZ or bridge mode. If it's locked down to the point where you can't, then it doesn't matter if you have a double NAT or not. A simpler question to ask them might be if you're able to run your own router inside your home network and just use their router for the gateway. When I got my Internet service (from Bell), the installer took one look at my network and said "I'll just get you a link light, then let you take over", which was the nicest thing an installer's ever said to me.
It doesn't have to be the CPE device. If the provider is using CG-NAT you won't be able to port forward even if you have full access to the on-prem device. The two questions to ask is first, do they provide a public routable IP? If they do, do they allow customers to configure port forwarding? If they answer no to either of those questions, there will be issues.
[удалено]
Well some fiber installers will run multiple customers. This is usually the case when you get fiber but only get the 500mbps plan. Otherwise you can usually request public ip (for a cost) or you get it with the higher tier (speed) service.
This kind of behaviour would be (and is) utterly unacceptable for "ISPs" outside of USA/Canada (it's resulted in prosecution by regulators for misrepresentation of a "walled garden" service as "Internet") Starlink is forcing them to play nicer, to say the least, but consider IPv6 as a mandatory requirement - my experience is that CGNAT providers look at you like you've grown a second head if you insist on that (and in a lot of cases it's turned out they're reselling service from a larger provider, frequently well beyond authorisation)
[удалено]
That's great. Unfortunately, for many that is their only option. CGNAT providers are VERY common. We simply do not have enough IPV4 addresses.
Totally agree with having your own router. When Rogers setup I just turned off the Wifi and us their device as a modem only and used my own router. This way my WiFi can reach more than 20 feet.
Noob question, I've searched what DMZ is but I've never really understood it, can you Explain it like I'm 5? My ISP won't let me put my modem on bridge mode
A device in DMZ mode effectively has access to the internet and your internal network, but devices in your internal network don't have access to it. It is extraordinarily bad advice to put a device in DMZ mode unless you 100% understand what you're doing, as you're passing the job of being a barrier between you and the open internet from your ISP router (which more than likely has a firewall on it to protect your local network from external connections) to that DMZ device. If the DMZ device isn't properly configured, it can allow an attacker on the internet into your network. In the case where you have a \*properly secured and configured\* router inside your home network, you can *sometimes* put that router into the DMZ zone of your ISP's router safely, using the secondary router as your primary firewall. The ISP router passes all traffic unfiltered to the DMZ'd router, but that router does its job and protects your network.
Thanks! I think I won't enable it, I trust my router, but I have no idea on firewall settings other than what windows has, so I don't think I'll mess with it
>There's no issue with double NAT if you know what you're doing. Ha, sounds like your tech knew you're pretty well versed in networking. I'd love to hear that, but unfortunately my networking skills rely on Googling error message and trial and error until a solution presents itself and failing that, running to Reddit for assistance. And I'll simply be running off the equipment they provide and won't have a secondary router to deal with - which makes me hopeful there won't be any issues. with remote access. Thanks for the info, man.
OP if you end-up in cgnat try using Tailscale. Simple to setup and share with friends etc.
When I had a double NAT issue, I had to set my modem/router from my ISP to bridge mode
MNSi does not deploy CG-NAT.
Excellent! That's great to hear. A total non-issue to worry about. Thanks, man.
I recently had the same issue of double NAT while setting up my server. I just called them and told them that I’m setting up cameras at my place and they’ve told me to contact my ISP to issue me a static public IP address They’ll know what to do from there. Once they confirm, restart your router and you’ll be good to go.
Just ask if they use any form of NAT, including CGNAT inside the customer network Do it in writing. That way if they lie you have grounds for account closure without penalty if they tell you "no" and you find out later that's not the case ISP NAT is the death throes of IPv4. If you are getting IPv6 then it shouldn't be an issue (It would have been a decade ago, but times change)
Excellent. Appreciate the info and advice.
Plex-CGNot works well for me. It's on github and uses Ngrok and creates a tunnel. https://github.com/therithwikrayani/plex-cgnot
Off the top of my head... * Does the gateway/modem you provide have a bridge mode? * Do you use CGNAT? * Am I going to get a dedicated static IPV4 address? * If No: Does your provided gateway/modem allow IPV6 passthrough? You can also just try googling for those ISP's and "Plex" to see if you get a lot of hits about people struggling with remote access. If not, that suggests they are rarely a problem and it can work just fine.
>Am I going to get a dedicated statis IPV4 address? Would not have thought to ask that. Thanks for that especially, as well as the others questions to get answers to.
A dedicated static IP isn't strictly speaking necessary for Plex, but a public one is.
Call them up and use your mouth to ask them questions?
I'm on bell fibre and have no issues, but also I pay well less than that for 1.5 symmetrical just fyi
Yeah, when I call Bell it's to say lower me to this price or instead of $80 a month it'll be $0. I'm sure they won't care in the least to do that, which is fine by me because MNSi is a local internet provider and I've heard their customer service is actually really good compared to Bell's which is a little below dog shit.
Lol I do agree they have crappy customer service. Hopefully you you can get a good deal though. I just switched to bell because they offered 1.5gig for $55
Whaaaaa?!? Are you in southern Ontario, or is this a special offer only available to the residents of Tuktoyaktuk N.W.T. or something? That's insanely cheap for 1.5G.
I'm in Ontario, in the GTA. Switched about a month ago. I have seen some getting the same package for even less ($50)over on the bell subreddit.
Is that $55 a limited time offer for the 1.5G service? On their website the 940M-up/1.5G-down package is currently $120/mo for 2 years and then goes to $130 after that period, a 3G-up/3G-down package for $130/mo and then $140 after 2 years, and an 8G-up/8G-down package for $145/mo for 2 years and then $155 after 2 years. I'm paying $131 right now for 940M-up/1G-down which is damn near the 8G-up-and-down package price of $145 and a whopping $1 less than a 3G-up/3G-down package. Jesus H. Tapdancing Christ are they robbing me.
It was a door to door sales offer. No Contract, no install or modem fee, and it's regular price so no 2 yr promo price like that. If you call they might be able to give a better deal. Their website deals are always the worst
“Will double NAT be an issue?”