@Therad that depends on exactly what the wall box is and if it has user access. Technically the ideal would be either to keep it as is with everything on the same subnet, but set the port forwarding on the "wall box" assuming it's a router, or:
Alternately, setting the internal router in the DMZ on the wall box if the wall box is a router as well would be important either way. Otherwise we're just double NATing with two layers of indirection but the top layer still unable to make sense of it.
OTOH if the "wall box" is just a modem/optical terminal, then there's nothing to configure in there and you are indeed right, that the incoming should go into the WAN port and routing should be done on the router. I'm just not sure that's how it's set up since, if the wall box isn't a router, and everything is on the same subnet as the wall box (lan rather than wan interface on the router)....then how is everything currently being routed externally now?
@NEStalgia yes, that is true, but it sounds like the wall box only have one port, so I would be surprised if it has router functionality. But in any case, if he sets it up and it doesn't work, then he can check the external IP.
Also, it seems the current setup is wrong, this leads to the net having 2 DHCP servers, which is bad.
@NEStalgia I've just been informed by a friend that the white wall box I've been talking about earlier is a router. Though i disagree, the white box is called "Fiber boks" in Danish, when i translate that it basically becomes "Fiber box". but no the wall box does not have only one port. i believe that this is the box i have
UPDATE: so last time i said i was going to try and hook everything up with a switch/splitter, instead of the router in disguise. Bad news, nothing has really changed, nat type is still the same. I've called my internet distributor, and they say that it is as public as it can get. Despite all my efforts, the nat type stays the same. I am confused as what to do, I've been going on and on about this problem for about 2 months now, and i'm literally going insane.
@Incure Ok, so it looks like that box is a combined fiber terminal and router, so yes, it's best for troubleshooting to remove your other router from the mix to not confuse things. (I find it hilarious that the only thing in the whole manual in English is the port diagram...convenient since I don't know any Danish! Inconvenient for anyone that don't know any English though.... )
So now, you're going into the switch and it's still not working. That implies that whatever port forwarding needs to be set up needs to be configured on the fiber/router, since that's the only device you're going through now. That manual doesn't explain any configuration on the router though, and it's possible the internet provider needs to be the one to do it. The manual does show it has its own wireless though if that's the right box. Maybe you can connect wirelessly to it directly just for one more test.
Otherwise I think if you're allowed to configure the port forwarding on there, that's where you'll need to do it. If not, then the ISP probably has to do it.
If NEITHER work....then you might have to get creative with a VPN service subscription to keep the routing external (it can make for lag at times though,and, of course, it's a subscription....) If going that route, you'd need either a router flashed with VPN handling software (that's technical, but some companies sell (overpriced) pre-configured routers. Or you can share the connection from the PC and just run the VPN software on there. Either way it's an annoying and messy workaround for something that should be working find through what seems like fiber internet.
@NEStalgia I was talking to my internet service provider the other day, and they told me that it's as open as it can be. That also marks the 10th time i have talked to them. They were able to see that i have tried to port forward, but then again, that didn't work. I really REALLY don't want to pay more for online than i already do, and buy a VPN subscription. Plus, lag is already a problem with Nintendo's online, so there is that. I really wish that this could be fixed with just the push of a button. Just... click aaand now you can play the game you've waited 4 years for, yaaaay...
@NEStalgia I was talking to my internet service provider the other day, and they told me that it's as open as it can be. That also marks the 10th time i have talked to them. They were able to see that i have tried to port forward, but then again, that didn't work. I really REALLY don't want to pay more for online than i already do, and buy a VPN subscription. Plus, lag is already a problem with Nintendo's online, so there is that. I really wish that this could be fixed with just the push of a button. Just... click aaand now you can play the game you've waited 4 years for, yaaaay...
Have you tried to follow the steps on page nine in the manual, the one about configure it? Who installed the box? Also, you only need one router, so skip the zyxel.
@Incure Are you using Windows, Mac, or Linux? I can't help with Mac, but assuming Windows, bring up a command prompt (cmd dot exe) (note that the forum won't let met type the actual executable name, so it's cmd[dot]exe with an actual dot (.) ) and type "tracert google.com" - post the results here if you can.
(DISCLAIMER: You will be posting your public facing IP address on a public forum. If you do not wish to do so, you can omit/obfuscate the second or second and third hops from the results, however, also note that will make it more difficult to troubleshoot since it will be a less conclusive set of information to work with.)
The goal here is to check for RFC6598/1918 class address in the route to see if you're behind carrier grade NAT.
Alternately/additionally, if you go to http://www dot whatsmyip dot org/ and try to run from a command prompt a tracert to that IP address that it shows you, that can be telling as well. You're asking it to tell you the route it takes to get to yourself. If it's behind carrier NAT, it takes quite a few more hops to get to yourself than should normally happen.
This should confirm if you have a carrier grade NAT problem (not resolvable locally), or if, as the ISP says, the problem is local, then we're back to working on that wall mounted router as @Therad said.
@nintendolife Hey Ant, the "you've been blocked" thing is happening again with this post. I figured you'd like to know! This time it looks like it was the name of cmd[dot]exe and/or the link to what'smyip that was causing it to block. cmd[dot]exe alone seems to trigger it. However the last few times it happened there were certainly no executable filenames in the post, so it seems like it latches onto some content and blocks from there....this one was easy to guess it might reject executable names, but the last few times it was pretty much impossible to deduce the magic word that triggered it.
Cloudflare Ray ID: 4a0c51745cc6c5c6 (But we already know the trigger word for this one.)
Also, tagging @Incure again in this second post since the tag in the prior probably failed due to the posting error.
@antdickens Yes, I got a screenshot (might be huge on the forum if it's not resizing:)
Yeah, in this case it's at least clear what it was trying to block. I'm guessing in those other cases it snagged some word for some reason that didn't make sense to block, but somehow in the context of the filter it still managed to trip it.
@Therad well.. i am using the Zyxel as a switch/splitter. The other switch i had was just one i borrowed from where i work. I just borrowed it to see if it would work, and if i should actually get a switch myself. Though if it is crucial that i need a switch/splitter, then my stepdad (who is working for our internet provider) is currently trying to see if he can get a switch from somewhere.
@Therad I have seen that interface before on page 9, that's where i tried to port forward everything. I used to be able to get in there by adding my default ip into my web browser, but apparently i can't do that anymore. The page DOES say that i should take an ethernet cable and insert it directly into the box. I haven't tried that yet, but i'll gve it a shot once i get the chance.
@Incure It's ok to use the router as a Switch as long as it's properly setup. Since you have the ISP's router you should either make sure to disable DHCP on your internal router, or subnet it and actually route twice. Since that's a little more complicated beyond the scope of troubleshooting the Nintendo issue, it's just a little cleaner to deal with a "dumb switch" so we're not introducing secondary complexities while trying to solve the one problem. Otherwise you could end up solving the ISP router issue, while still thinking it's not working because of the secondary configuration on the zyxel. (Or you could connect directly to the ISP router for the duration of Nintendo troubleshooting, to avoid introducing too many variables.)
You don't need to swap out the zyxel for a switch, you just need to be sure you're not troubleshooting the wrong problems which is easier without a second router.
A public IP on the internet in this little corner of the universe here is generally harmless, but of course with the IP, it opens the opportunity for anyone to try to reach your network specifically were they to wish a DDOS attack or targeted attack. (Odds are you don't have a static IP so it will change from time to time anyway when the router is rebooted. At least in the US, static is $$$ meant for business accounts. There are only so many to go around.) Keep in mind that anyone you're connecting to, such as other Splatoon/Smash/Kart players can still obtain your public IP address - think of it as "Caller ID" on a phone, your number is always visible when you call someone, your number is readable in the data when you're playing games with someone...they just have to work a little harder for it than copy and pasting from a forum. I'm paranoid and blanked my in my post to Ant. But then I'm just data paranoid in general, would never EVER use Google Chrome, keep the GPS disabled on my phones, etc. I work with a lot of secure environments. I'm used to security paranoia with organizations that know they're always under direct threat, so It's my default behavior.
Tracing route to google.com [172.217.168.206]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.0.1
2 1 ms <1 ms <1 ms 78.156.100.129
3 2 ms 2 ms 1 ms 10.10.3.133
4 3 ms 2 ms 2 ms 10.10.0.5
5 2 ms 2 ms 3 ms 87.116.38.121
6 17 ms 17 ms 17 ms 93.176.93.8
7 18 ms 18 ms 18 ms 77.233.230.165
8 17 ms 16 ms 17 ms 108.170.241.193
9 18 ms 17 ms 17 ms 108.170.227.3
10 16 ms 17 ms 16 ms ams16s32-in-f14.1e100.net [172.217.168.206]
@Incure Hmmm.....those two 10.10 hops are looking suspiciously like CGN. Though worse, it's non-standard CGN where they're supposed to be using 100.64. for IANA compliance.
Two other questions: If you checkout whatsmyip.org, what does it say your IP is? (That's what the outside world sees when you connect.)
Also, post the tracert to that IP.
Third question, is if you type "ipconfig" in a command prompt, what does it say under "default gateway" under "ethernet adapter local area network"? (That's the address of your router inside your network.)
I'll reserve judgement until I see those, but for now I'm guessing the ISP is either lying or just (as is typical for customer support) oblivious to their network topology and is not telling you the right things as a result. Seeing your internal IP followed by a truly external IP, followed by not one but two 10.10 (local) subnet hops is pointing to carrier grade nat being in play. That's really weird if it's a fiber line though. Normally fiber doesn't do that.
As a side-note, this is why you can take your streaming-only solutions and stuff them in a specific location, Ubisoft.
skip all fiddly things about going into the router, it might be the case that ur internet provider is providing a lpkojhbgvfcdx router, do like me then , buy an more "gaming router" like nighthawk ac 1750 Netgear , and make sure that ur internet provider opens up the 4th port on ur router(bridge it),or in swedish(brygga modem helvetet!) ja Telia suger .) place the new router in the 4th socket , this is what i did, it didnt require any nerdy stuff portforwarding etc.the router rigt otta the box did everthing for me ,.. cable vs wifi doesnt solve Nat type, i went from D to A, just buy buying a router, take a expensive one stay clear from cheap trash routers, my netgear here is like an little R2D2 singing , beautifuly, ( , native language is swedish, its so frustrating trying to communicate with english... i understand the immigrants now...
Forums
Topic: Problem with nat type
Posts 21 to 40 of 49
This topic has been archived, no further posts can be added.