cancel
Showing results for 
would you rather see results for 
Did you mean: 
Need help?

Nat Loopback

Reply
27 REPLIES 27
Highlighted
UFO Customer

I have the HG635 router and ran into another issue with it.

 

I have been installing a smart security system that can be accessed by an Android App.

 

The App can connect to the security system when I am away from home (using 3G) but when at home and my mobile is connected to my local network, the app cannot connect to the security system.

 

The app works by the security system polling to the security system manufacturer every 15 mins to keep my external IP address updated (free service provided by the manufacturer). So when at home the app is trying to access via the external IP address, so I need to enable Nat Loopback on the router.

 

It doesn't look like Nat Loopback can be enabled in the HG635 router admin panel, or is there maybe a hidden area?

 

If not, is it possible to access the router via SSH and enable Nat Loopback via a command?

 

Regards

John

 

 

Highlighted
UFO Support
Hi John,

Intresting one. Allow me some time to check with our team on the settings and see what us happening.

Will get back to you soon.

Kind Regards,

Farhan.
Highlighted
UFO Customer

After a wider search on Talktalk community, this is an issue also for others, and has been requested to add NAT Loopback to future firmware for Talktalk routers, but doesn't look like it will happen.

 

http://community.talktalk.co.uk/t5/Unlimited-Broadband/Feature-request-NAT-Loopback-for-DSL-3680/td-...

 

Most router manufactures do not include the loopback feature anymore, claiming it is a security risk, however I cannot find any hard evidence that it is a risk after googling.

 

I can see this issue becomming more common as a lot of people are going for remote home automation, security, camera systems etc, and if they require a DDNS service for it, they need nat loopback enabled when trying to connect locally.

 

Just checked my Asus router and this can support nat loopback, so may have to try and set that up as my main router, a project for next weekend.......:smileysurprised:

 

Anyway, looking forward to the feedback from the Talktalk team regarding loopback, Farhan.

 

Thanks

John

Highlighted
UFO Support

Hi John,

 

Missed your earlier post - my sincere apologies.

 

I have received official feedback from the team.

 

The teams have advised the we actively prevent NAT loopback as a security measure. There is no option to enable this on the HG635 - which is the same feedback you found earlier as well. Sorry for that.

 

Kind regards,

 

Farhan.

Highlighted
UFO Customer

Thanks Farhan

 

I have resolved this now by using an Asus Router running AsusWRT Merlin firmware connected to the wall box.

 

My security app works perfectlly now on both external and internal networks.

 

Just for info for others that may have this problem....

 

If using a 3rd party Router and firmware, I suggest using an Asus router with Asuswrt Merlin firmware, the reason for this is that official Asuswrt is open source firmware, therefore the Merlin version contains the original Asus drivers as it is based on the original firmware.

 

Other routers and firmwares (such as TomatoUSB etc) may not include the original manufacturer hardware acceleration drivers which means that the router can end up restricted to 100mbps (So you would be running at a tenth of UFO speed).

 

When I tested an Asus and Linksys (both 1 Gbps capable) routers with Tomato firmware, they both dropped to 100mbps.

 

Using my Asus RT-AC66U with AsusWRT Merlin firmware, I still get 940mbps up and down stream on speedtest.net site. Plus I have have wireless mac filtering working again for more security.

 

Obviously, if you do use a "non Talktalk" router, you cannot expect support from Talktalk if anything goes wrong or it doesn't work correctly.

 

Regards

John

 

 

Highlighted
UFO Customer

Thanks, this is useful information.

 

I tried plugging in my asus ac68u into the wall box on Monday, and it didn't get a DHCP lease from the WAN. I then put the talktalk router back in and that also didn't get a DHCP lease any more. The UFO internet has been dead since. Fortunately my 30 days notice with Virgin Media hasn't expired yet, so I'm not totally disconnected.

 

I was worried that non-talktalk routers are explicitly banned, so it's good to know it worked for you - did you bother altering the WAN port MAC address of your asus router?

 

The asus router works fine on Virgin Media, and when I plugged my pc into the wan port and watched the traffic, both the ASUS router and the talktalk router are just sending out DHCP DISCOVER requests every few seconds, so I don't think the asus router did anything weird.

 

*shrug*

 

I have an engineer is booked for tomorrow morning to come and take a look at things. I'm hoping he'll be happy to watch me plug in my own router.

 

I'm currently running advancedtomato on the ac68u. It's getting my full 150Mbps on the virgin media connection, and is claiming a gigabit connection to the modem. I'll try the merlin firmware if things aren't happy.

 

Greg.

 

 

Highlighted
UFO Support

Hi Greg,

 

We don't ban users wishing to use their own routers.

 

Just a quick note, when the engineer comes for the installation, they will only work on setting up the new supoer router from our side. If you wish to use your own router, you'll just need to switch the router.

 

If your own router supports dual band, enable it and wherever possible use the line on the 5GHz band range.

 

Kind Regards,

 

Farhan.

Highlighted
UFO Customer

Hi Greg

 

Could it be possible the rj45 at the router end hasn't been crimped correctly and swapping things around has dislodged a wire in the rj45?

 

If you have a spare cat5 cable you could try that as a test between the wall box and router.

 

I will be suprised if you do get full 1000 with Tomato, I used to swear by tomato when I used virgin (60 meg) but when I moved to Talktalk the router couldn't handle the speed but Merlin works fine.

 

Also if moving the Asus router from Virgin to Talktalk, I would suggest a factory reset of the router first to clear NVRAM, as it may be storing strange settings from when last connected to Virgin (I guess you had your Virgin "Super Hub" in modem only mode?.

 

Just to answer your other question, no I didn't change the mac address of my router.

 

Let us know how you get on.

 

Regards

John

Highlighted
UFO Customer

Hi John,

 

I did try a different cat5 cable, to no avail. I'm actually really curious what has happened to my line. Hopefully I'll find out.

 

Yeah, superhub was (still is, actually) in modem only mode. It has been reset during my diagnosis of this, and I don't think there's anything virgin specific in there, but it might be worth a go anyway. Obviously if I'm flashing new firmware, then it's getting NVRAM reset as well.

 

Greg

Highlighted
UFO Customer

Well, the engineer came, and rebooted everything, and tried a new router. None of which worked.

 

Anyway, they said someone is working on it at their end, and they'll ring me when they figure it out.

 

On the plus side, I don't think it was anything I did.

 

EDIT: They got back to me. I've got to unplug the ONT box, let the battery run flat overnight and plug it back in in the morning. *fingers crossed*

Highlighted
UFO Customer

I am pretty sure I disconnected the battery a while ago to do the same re-boot which would be quicker than waiting overnight?

 

Do you have a phone connected to the wall box? If so does the phone work?

 

Regards

John

 

 

 

 

Highlighted
UFO Customer

Yeah, I couldn't think of a reason why disconnecting the battery wouldn't do the same thing, but I'm following instructions very closely so that if it doesn't work in the morning the conversation with the CS rep tomorrow will be simpler.

 

The battery lasted from 15:15 to sometime before 19:00. It's all off now, and I'll leave it till tomorrow morning (again, doing what I'm told...)

 

Whilst the battery was still holding out, the phone was giving a dial tone. I didn't use it though - I'm not paying those prices!

 

Greg.

Highlighted
UFO Customer

Let us know how you get on tomorrow. Once teething problems are sorted you will love the service.

 

During the testing stage, I had various issues (to be expected though) but now it is sorted, it is fast and a lot more stable/reliable than my old Virgin cable setup.

 

Regarding the phone and prices, if you have the £5 (discounted) a month boost, then all standard UK and Mobile calls are included, see other post on here about the (voip) phone service with UFO (you can port over your old number), and the other plus is no line rental costs so the all-calls boost is a non-brainer really with the UFO home phone service..

 

Regards

John

 

 

Highlighted
UFO Customer

Well, I plugged it back in at 08:20 this morning, and it's still just the same kind of broken. Rang in again and they're having another think.

 

Today marks the day of paying for no internet as many days as I've paid for functional internet.

 

WRT the phone stuff - I really don't use the phone much. I barely even use my mobile to call people. I do ring Talktalk CS a lot though recently. I've memorised their number and everything!

 

Greg.

Highlighted
UFO Support
Hi Greg,

Apologies for the delay in my reply - spoke with the teams last evening on your order -?we sincerely apologize for the inconvienience. Rest assired, teams are working on getting it resolved asap.

Kind Regards,

Farhan.
Highlighted
UFO Customer

Well,  I woke up this morning to a lovely row of green lights on the talktalk router. I swapped in my asus router, and nothing exploded. Thankyou, whoever had the midnight to 6am shift at Talktalk, whatever you did worked.

 

@joeyboswell, you're right about Tomato - I'm getting about 250Mb/s each way with it. I'll flash it to asus merlin tonight.

 

@farhanazad85, could you get someone to give me a ring and explain what happened?

 

Sorry for totally hijacking this thread with an only slightly related topic.

 

Greg.

Highlighted
UFO Support

Hi Greg,

 

Would you be able to drop me a pm with your contact numbers - I'll pass it on to the team to request them to give you a call.

 

We're happy you are up and running on UFO!

 

Kind Regards,

 

Farhan.

Highlighted
UFO Customer

@farhanazad85, sorry, I can't for the life of me find where to send PMs... a little help?

Highlighted
UFO Support

Hi Greg,

 

On the top side of the page, you should see an icon for inbox - from where you can send pm's - let me know if that helps.

 

Kind Regards,

 

Farhan.

Highlighted
UFO Customer

Nope, I'm not seeing it. Should it be in this screenshot?

screenshot