Apple Intelligence is now available on iPhone, iPad, and Mac!

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Is NAT required on ethernet connected roaming network?

Do I need to use Router Mode DHCP and NAT when using DHCP Reservations and a Static address on the AP Express base station? The AP Express is connected to the AP Extreme via ethernet cable.


Bonus questions...

====

Is it more secure to leave NAT Port Mapping Protocol unchecked, what are the repercussions?


I am trying to understand why port 80 and 443 are always open and how to close them, according to Gibson Research this is dangerous... ?


I can't find any logs for my AirPort Extreme. I looked in /var/logs. Where are they?

====


I have an AirPort Extreme:


Internet

Connect using: DHCP

Wireless

Network Mode: Create a wireless network

Network

Router Mode: DHCP and NAT

DHCP Reservations: I use MAC address to assign IP addresses to all devices in my home.


Network Options

Enable NAT Port Mapping Protocol Unchecked


and an AirPort Express

Internet

Connect using: Static

Wireless

Network Mode: Create a wireless network

Network

Router Mode: Off (Bridge Mode)




iMac 27″, macOS 10.15

Posted on Feb 3, 2022 9:29 AM

Reply
Question marked as Top-ranking reply

Posted on Feb 3, 2022 9:49 AM

I can't find any logs for my AirPort Extreme. I looked in /var/logs. Where are they?


Apple has decided for you that you want to keep things simple, so they do not provide any logs for the AirPorts.


Do I need to use Router Mode DHCP and NAT when using DHCP Reservations


Yes, if you are asking about the AirPort Extreme. No, if you are asking about the AirPort Express, which should be set up in Bridge Mode.


and a Static address on the AP Express base station?


You should not need to set up a Static IP Address for the AirPort Express, but it would not hurt if you want to do so.


Is it more secure to leave NAT Port Mapping Protocol unchecked


No


what are the repercussions?


You will not be able to set up manual port mapping if the box is unchecked.


I am trying to understand why port 80 and 443 are always open and how to close them


Apple decision again. There are no controls on the AirPorts that would allow you to close these ports.









Similar questions

3 replies
Question marked as Top-ranking reply

Feb 3, 2022 9:49 AM in response to johnnyjackhammer

I can't find any logs for my AirPort Extreme. I looked in /var/logs. Where are they?


Apple has decided for you that you want to keep things simple, so they do not provide any logs for the AirPorts.


Do I need to use Router Mode DHCP and NAT when using DHCP Reservations


Yes, if you are asking about the AirPort Extreme. No, if you are asking about the AirPort Express, which should be set up in Bridge Mode.


and a Static address on the AP Express base station?


You should not need to set up a Static IP Address for the AirPort Express, but it would not hurt if you want to do so.


Is it more secure to leave NAT Port Mapping Protocol unchecked


No


what are the repercussions?


You will not be able to set up manual port mapping if the box is unchecked.


I am trying to understand why port 80 and 443 are always open and how to close them


Apple decision again. There are no controls on the AirPorts that would allow you to close these ports.









Feb 3, 2022 9:52 AM in response to Bob Timmons

Thanks Bob!


I have read from a highly knowledgeable user, who no longer frequents the Apple forums, that keeping the macOS software Firewall on is pointless. He recommended turning it off.


Is that still the case?


I am thinking of moving on from AP.


  • The base station only allows 100 Mbps when using ethernet
  • Top wireless speed of the extreme is ~250 Mbps
  • Ethernet speed setting on my 2019 iMac keep keeps randomly dropping from 1000baseT to 100baseT when set to Automatic mode. Thinking this is the router... all CAT 5e cables check out.
  • No logs!


I want to purchase...


an external firewall

a router that can be setup for VPN, is open source compatible and can run WireGuard

a base station compatible with that router and its speeds.

... any preferences


Feb 3, 2022 10:12 AM in response to johnnyjackhammer

I have read from a highly knowledgeable user, who no longer frequents the Apple forums, that keeping the macOS software Firewall on is pointless. He recommended turning it off.


Is that still the case?


I don't know, but I've never turned it "on".


I am thinking of moving on from AP.


The AirPorts are good basic routers for mom and pop, but they have been "long in the tooth" for some time. Even if you have the most recent version of the AirPort Extreme, it was designed in the 2012 timeframe. The AirPort Express was designed even earlier. So, the AirPorts are lagging in performance and Wi-Fi security.


The base station only allows 100 Mbps when using ethernet


Correct for the AirPort Express. Almost all AirPort Extreme versions have Gigabit Ethernet ports, but Internet speeds are still limited to about 325-350 Mbps. If you are saying that your AirPort Extreme is limited to 100 Mbps, you have the original 802.11n version, which was designed in 2006.


Top wireless speed of the extreme is ~250 Mbps


Depends on the version of the Extreme, but the Internet speed is never going to be higher than about 350 Mpbs if the AirPort is set up as a DHCP and NAT router.


Ethernet speed setting on my 2019 iMac keep keeps randomly dropping from 1000baseT to 100baseT when set to Automatic mode. Thinking this is the router.


It might be.


No logs


Apple actually did provide logs in AirPort Utility up until about the time that the Mountain Lion OS was introduced. AirPort Utility dropped logs after that.


I can't help on the external firewall or VPN questions since I do not use either.


Good luck!












Is NAT required on ethernet connected roaming network?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.