Is my ISP wrong? Nat inside

ZetaKappa
ZetaKappa Posts: 6
First Comment Friend Collector

Hi there, just a noob networking guy, tryin' to learn something.

Here's my scenario.

I need to reach from the external of my building, through public ip X, an internal LAN2 address —→ 10.0.0.241:9000

Modem router address is 10.0.0.1 - Firewall WAN port is 10.0.0.241 as isp requested

Modem router i think got NAT rule Public IP X to 10.0.0.241 on port 9000

i've tried everything on zyxel configuration, but i'm unable to reach that address from outside.

Usually, on other scenario, i setup wan port with ip on same subnet on the public address, setup NAT on firewall, policy control, not problem.

probably i'm missing something.

All Replies

  • ZetaKappa
    ZetaKappa Posts: 6
    First Comment Friend Collector

    i found this situation (think so)

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Well your modem is hardly a modem if the USG WAN gets a 10. IP

    So if your WAN gets 10. and your LAN on the USG is the same 10. subnet thats going to cause problems

  • WJS
    WJS Posts: 156  Master Member
    5 Answers First Comment Friend Collector Third Anniversary

    As PeterUK said, try to change Firewall's LAN IP to prevent the conflict

  • DeanH
    DeanH Posts: 47  Freshman Member
    First Comment Fourth Anniversary

    I concur with PeterUK and WJS.

    You cannot have the same network on both sides (WAN and LAN) of a routing device (firewall, router, security appliance) as it won't know where to send the data. They must be different.

    If you can find out the ISP network mask, you can still use a 10.x.x.x network, just put it beyond the one they use. For instance, if they use 10.0.0.0/24, which would be 10.0.0.1 - 10.0.0.254 host addresses, you could use 10.0.1.0/24, which would be 10.0.1.1 - 10.0.1.254 for host addresses, on your LAN.

Security Highlight