Show Posts
1
General Discussion / How to avoid Double NAT with Fritz!Box
« on: February 10, 2018, 03:47:11 am »
My thank you's to the dev's for their hard work on this great product. I happily contribute to support for dev's who save me time and frustration!
I'm hoping some of you will be able to help me with my doubleNAT issue:
I have the following Setup:
Internet (VLAN10) Fibre---> (PublicIP):Fritz!Box 7490(NAT, FW enabled, Port Sharing Exposed Host for single IP) --> Static Private IP *.*.1.* --->ESXi 6.0:WAN--->Static Private IP *.1.*:WAN NIC:OPNSense 18.1 (DHCP, NAT, FIREWALL)LAN NIC: --> Managed Switch (Private IP *.*.30.*) --> Home Servers/PC's, Devices
When I connect directly to the Fritz!Box 7490 using SpeedTest.net, I get 900/500Mb speeds
When I connect through OPNSense using SpeedTest.net, I get 349/359Mb speeds
When I do a tracert of 8.8.8.8 when connected directly to Fritz!Box LAN port I get single private IP from Fritz!Box as first leg of the trace.
When I do a tracert of 8.8.8.8 when connected directly to OPNSense LAN (via the managed switch) I get two Private IP's in the trace with the first leg being the OPNSense IP, the second leg being the Fritz!Box.
My research yields that the Fritz!box 7490 does not have DMZ. Rather, I've configured the Fritz!box to have a dedicated Shared Port which is supposed to allow all ports available to the IP of the OPNSense Fireware. This appears to work as my UPnP settings have no issues.
Question:
How do I remove the double NAT issue with OPNSense being behind the Fritz!box to improve my network speeds? If I turn off NAT on Fritz!box, I get no internet (or access to the Fritz!box for that matter). I'm a neophyte with this sort of device so clear instructions would be appreciated if possible.
Thank you
I'm hoping some of you will be able to help me with my doubleNAT issue:
I have the following Setup:
Internet (VLAN10) Fibre---> (PublicIP):Fritz!Box 7490(NAT, FW enabled, Port Sharing Exposed Host for single IP) --> Static Private IP *.*.1.* --->ESXi 6.0:WAN--->Static Private IP *.1.*:WAN NIC:OPNSense 18.1 (DHCP, NAT, FIREWALL)LAN NIC: --> Managed Switch (Private IP *.*.30.*) --> Home Servers/PC's, Devices
When I connect directly to the Fritz!Box 7490 using SpeedTest.net, I get 900/500Mb speeds
When I connect through OPNSense using SpeedTest.net, I get 349/359Mb speeds
When I do a tracert of 8.8.8.8 when connected directly to Fritz!Box LAN port I get single private IP from Fritz!Box as first leg of the trace.
When I do a tracert of 8.8.8.8 when connected directly to OPNSense LAN (via the managed switch) I get two Private IP's in the trace with the first leg being the OPNSense IP, the second leg being the Fritz!Box.
My research yields that the Fritz!box 7490 does not have DMZ. Rather, I've configured the Fritz!box to have a dedicated Shared Port which is supposed to allow all ports available to the IP of the OPNSense Fireware. This appears to work as my UPnP settings have no issues.
Question:
How do I remove the double NAT issue with OPNSense being behind the Fritz!box to improve my network speeds? If I turn off NAT on Fritz!box, I get no internet (or access to the Fritz!box for that matter). I'm a neophyte with this sort of device so clear instructions would be appreciated if possible.
Thank you