- Joined
- Apr 24, 2008
- Messages
- 271
- Reaction score
- 6
- Points
- 18
- Location
- West of Paris
- Your Mac's Specs
- MacBookPro, iMac, OS 10.13.6, iPhone 6s iOS 15.1, iPad mini, iOS 9.3.5
Hello. I wanted to replace my dying ADSL modem and to use my Airport Extreme in its router mode to create my main and my guest networks (for guests: separate network and separate password). Thus I purchased a new modem-router (a Zyxel AMG1001-T10A), intent on configuring it in bridge mode. I worked but, with shields up on the GRC.com website, I saw that all my ports were visible from the internet, the modem responded to Ping. I wanted stealth. Also, a bridge configuration is painful on a modem: I could no longer access the modem GUI directly from the mac. So, I configured the Zyxel modem in router mode (192.168.0.1 / 255.255.255.0) with its firewall to full strength (all ports are stealthed now and the Zyxel modem-router does not respond to Ping) and configured also the Airport Extreme in router mode (192.168.1.1 / 255.255.255.0). It works perfectly: bandwith is there and it is rock-stable.
However this is double NATting and my Airport Extreme has complained to me as this goes against all pre-conceived ideas. To avoid double NATting, I could also have configured the Airport Extreme in bridge mode, at the cost of living without my guest network.
I have read that double NATting was bad because: some applications required a public IP on the WAN side of the Airport Extreme; because of peer to peer, games, voice over IP, remote access to the printer or to the mac... (I don't do any of these).
How bad, really, is my double NAT internet configuration ? Can anyone explain to me the shortcomings of this configuration ? Should I change it ? TIA
However this is double NATting and my Airport Extreme has complained to me as this goes against all pre-conceived ideas. To avoid double NATting, I could also have configured the Airport Extreme in bridge mode, at the cost of living without my guest network.
I have read that double NATting was bad because: some applications required a public IP on the WAN side of the Airport Extreme; because of peer to peer, games, voice over IP, remote access to the printer or to the mac... (I don't do any of these).
How bad, really, is my double NAT internet configuration ? Can anyone explain to me the shortcomings of this configuration ? Should I change it ? TIA