Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Turn NAT off Airport Extreme roaming network

Hello all. I have set up a roaming network using the following:


Uverse modem (Arris NVG589), wireless function turned off

5th generation Airport Extreme (router)

3rd generation Airport Express (wired to LAN port of router)

2nd generation Airport Express (wired to LAN port of router)

1st generation Airport Express (wireless client)


My question is whether I can resolve the double NAT issue by using DHCP only (as opposed to DHCP plus NAT) on the Airport Extreme router, rather than trying to turn off NAT on the Arris modem. The reason for this is that I have read so many conflicting posts about how to turn off NAT on the modem that I don't know what to do (and for the purposes of this message, I would like to ignore that option). Anyway, it seems to me that allowing the modem but not the router to provide NAT should fix the double NAT problem, but I don't know what other problems it might cause.


Thanks for your help. Pete

Posted on Aug 18, 2015 5:44 AM

Reply
Question marked as Best reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Posted on Aug 18, 2015 8:38 AM

My question is whether I can resolve the double NAT issue by using DHCP only (as opposed to DHCP plus NAT) on the Airport Extreme router, rather than trying to turn off NAT on the Arris modem.

Unfortunately, the DHCP only option will not work in your configuration. It was designed for a means to distribute multiple Public IP addresses to client on a local network. An example of one of those clients would be a dedicated email server.


As you already know the "main" router in a roaming network must have both NAT & DHCP enabled. All other routers would be in bridge mode, i.e., both of those services disabled to function properly.

The reason for this is that I have read so many conflicting posts about how to turn off NAT on the modem that I don't know what to do (and for the purposes of this message, I would like to ignore that option).

Your Arris "modem" is actually a combination modem and wireless router. Also know as a gateway device. I would recommend that you configure this gateway to perform as your "main" router with BOTH NAT & DHCP enabled. In turn, reconfigure all your AirPorts as bridges.

View in context
17 replies
Question marked as Best reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Aug 18, 2015 8:38 AM in response to htpetrie

My question is whether I can resolve the double NAT issue by using DHCP only (as opposed to DHCP plus NAT) on the Airport Extreme router, rather than trying to turn off NAT on the Arris modem.

Unfortunately, the DHCP only option will not work in your configuration. It was designed for a means to distribute multiple Public IP addresses to client on a local network. An example of one of those clients would be a dedicated email server.


As you already know the "main" router in a roaming network must have both NAT & DHCP enabled. All other routers would be in bridge mode, i.e., both of those services disabled to function properly.

The reason for this is that I have read so many conflicting posts about how to turn off NAT on the modem that I don't know what to do (and for the purposes of this message, I would like to ignore that option).

Your Arris "modem" is actually a combination modem and wireless router. Also know as a gateway device. I would recommend that you configure this gateway to perform as your "main" router with BOTH NAT & DHCP enabled. In turn, reconfigure all your AirPorts as bridges.

Reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Aug 18, 2015 10:01 AM in response to htpetrie

I am guessing that what you suggest is probably more complicated that just setting the AP Extreme to bridge mode and leaving the rest intact?

If you have set up a roaming network then your AirPort Extreme should already have been configured as a bridge with your new gateway performing as the "main" router for that type of network. It should be no more complicated that change the Extreme's Network Mode to: Off (Bridge Mode).

User uploaded file

My other concern is that the modem and router will then both be transmitting wifi from the same location.

A roaming network works best when wireless access points are not place near each other. However, if you have no choice but to leave the Extreme near the Arris gateway, then you will want to disable wireless on the gateway.

Reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Aug 19, 2015 5:34 PM in response to htpetrie

I suggest that you start over with just the Arris gateway and the AirPort Extreme base station. Leave all other base stations powered-off.


I would recommend that you do the following as a minimum:

  1. Power-down the Arris, Extreme, and all other base stations.
  2. Disconnect the AirPort Extreme from the Arris gateway.
  3. Perform a "factory default" reset on the Extreme. This will get it back to its "out-of-the-box" configuration and make setting it up much easier, especially if you use the "Assist me" process within the AirPort Utility. (ref: Resetting an AirPort Base Station or Time Capsule)
  4. After the Extreme resets, go ahead and power it back down.
  5. Reconnect the Ethernet cable between the gateway and the Extreme. Be sure to connect the cable to the WAN (circle-of-dots) port on the Extreme.
  6. Power-up the gateway; wait at least 10-15 minutes to allow it adequate time to initialize.
  7. Power-up the Extreme; wait at least 5-10 minutes. Note: The AirPort's status light should continue to flash amber after it has initialized. That is because, there will be some additional configuration items necessary before it will change to green.
  8. Power-up your computer(s).

In this basic configuration, the Extreme will broadcast an unsecured wireless network with a Network Name (SSID) of Apple Network NNNNNN. You can now use the AirPort Utility to configure the Extreme as a bridge. Verify that network clients connected to the Extreme by wire or wireless can now access the Internet. Please post back your results.

Reply
User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Aug 20, 2015 1:11 PM in response to Tesserax

OK, I will try the factory reset and other things you suggest over the weekend. My concern with a factory reset is my wireless security cameras, which require direct connection to the router to re-establish, which requires traversing a difficult attic crawlspace to get the power supplies, coming back out, taking down the cameras, and then putting everything back up again after reset. A real pain. Anyway I will post the outcome next week. thanks

Reply
User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Nov 24, 2015 7:20 AM in response to Tesserax

Hi Tesserax: sorry for the delay, because of the difficult location of the power supplies for my home security wifi cameras, I wanted until I was ready to switch service providers before undertaking this (no point in snaking through the attic twice). Now I am ready and this is hopefully my Thanksgiving Day project. After re-reading these posts, I have a question. In the configuration you specified above, I assume that I want to keep wireless transmission disabled on the Arris gateway, so that wifi is coming only from the Extreme and Express devices, while the NAT will be coming only from the Arris. If you have a chance, please confirm. Thank you again for your help. I will let everyone know how this goes when it is complete!

Reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Nov 24, 2015 8:55 AM in response to htpetrie

If the Arris and the Extreme will be colocated then I would recommend that you disable the wireless on the Arris and leave them on for both the Extreme and Express. If they won't be colocated, then you can leave the wireless on the Arris enabled. As you noted the issue would be Wi-Fi interference and this should only be true if they are near each other.

Reply
User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Nov 26, 2015 8:14 AM in response to Tesserax

Well, the problem is partially solved. The good news is that the double NAT issue has disappeared, and I have established a wifi network with the Extreme in bridge mode! Thanks very much!


The bad news is that my two 2nd gen Express stations are both getting a no DNS error. The original setup was


Arris (wifi disabled)

-> Extreme (router) via WAN port

->Express1 ( from Extreme LAN to either LAN or WAN on the Express, I can't remember now)

->Express2 (same)

->Express3 (1st gen, as wifi to ethernet bridge for VOIP modem)


I did a factory reset to both of the 2gen Expresses that were previously in bridge mode (E1 and E2), but not to the 1gen Express3. That's one difference. The other is that since the Extreme was previously the router, I am wondering whether E1 and E2 now need to be connected directly to the Arris gateway (they are currently still connected to the Extreme LAN ports). Of course all the Arris LAN ports are already taken, so I would have to get a switch, but I just want to make sure that this is the issue. Thank you

Reply
User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Nov 26, 2015 8:33 AM in response to htpetrie

OK, looks like that is exactly what it is, I disconnected one of the LAN cables used for video and put the E1 cable directly into the Arris and it works, so I will need to get a switch. One more question, should the cable from the Arris gateway to the Expresses go into the LAN or WAN on the express, or does it matter? thank you again.

Reply
User profile for user: htpetrie
htpetrie Author
User level: Level 1
4 points

Nov 26, 2015 9:33 AM in response to htpetrie

I take it back. Airport utility had reconfigured these base stations to extend a network, when I reconfigured for bridge mode I am getting a DNS error, even when connected to the gateway directly. Any suggestions? Is it possible to connect the Expresses to the Extreme LAN ports when the Arris is being used as the router? Thank you.

Reply
User profile for user: Tesserax
Tesserax
User level: Level 10
148,321 points

Nov 26, 2015 1:48 PM in response to htpetrie

The other is that since the Extreme was previously the router, I am wondering whether E1 and E2 now need to be connected directly to the Arris gateway (they are currently still connected to the Extreme LAN ports).

Yes, all the base stations should be connected back to the Arris gateway. Your suggestion to use an Ethernet switch is a good one and should provide you with the additional ports.

Reply

Turn NAT off Airport Extreme roaming network

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up