Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
PortForwarding 2 external subnet
- Thread starter Aperture
- Start date
- Sort by reaction score
Can you be more descriptive of what you exactly intend to do and use this for? It would help to understand what exactly you need to setup.
Just FYI, any port forwarding would have to be managed on the remote router's inbound connections, so you must be able to administrate that router.
Just FYI, any port forwarding would have to be managed on the remote router's inbound connections, so you must be able to administrate that router.
This is usually needs to be done on your router.
Are you using the Mac directly on the public network and using it as a router?
B
Are you using the Mac directly on the public network and using it as a router?
B
I was having a similar discussion about router technology on a thread a while back and you might want to look at one of my posts as a bit of a primer on how NAT routers work and port forwarding.
https://forums.macrumors.com/posts/2942901/
https://forums.macrumors.com/posts/2942901/
Let me start off by thanking the replys above and I ask you please take the time to read this rather long post.
Okay. Let me explain this a bit better. I have an Xbox 360, connected over "Internet Sharing" to my iMac G5. The iMac is wirelessly connected over Airport to my Linksys BEFW11S4 (V.4) Router. I want to be able to connect to Microsoft's Xbox Online Service. I have set it all up as far as the network settings go on my Xbox, and I ran a Diagnostic Connection Test on the 360 itself. These are the results from the test:
Network Adapter - Wired
IP Address - Confirmed
DNS - Confirmed
MTU - Confirmed
ICMP - Confirmed
Xbox Live Service - Confirmed
NAT - Moderate
I've read at Xbox.com, if you can't connect to some online games (I can connect to some, but not all) then you need to make your NAT say "Open" instead of "Moderate"
It was explained as if you have a Moderate status, you can only play online with people having an Open or Moderate status. Also, if you have a Strict status, you can only play with people either with Open or Strict status.
To correct the problem, Microsoft said to forward ports UDP 88, and TCP/UDP 3074 to the 360's IP address.
The IP address assigned to the Xbox from the iMac appears to be outside my subnet. The IP is 192.168.2.***. My router's IP is 192.168.1.***.
In the router's online admin panel, I can only forward ports to IP addresses that begin with 192.168.1.***. Therefore, it won't allow me to forward the right ports on to the Xbox.
I had an idea that maybe if I could make an alias for the Xbox's IP address, so it would fool the router into thinking the Xbox was within it's subnet, I could forward the ports.
What do I know, though.
Hope I didn't confuse you! Please ask for clarification on anything!
Thank You
Okay. Let me explain this a bit better. I have an Xbox 360, connected over "Internet Sharing" to my iMac G5. The iMac is wirelessly connected over Airport to my Linksys BEFW11S4 (V.4) Router. I want to be able to connect to Microsoft's Xbox Online Service. I have set it all up as far as the network settings go on my Xbox, and I ran a Diagnostic Connection Test on the 360 itself. These are the results from the test:
Network Adapter - Wired
IP Address - Confirmed
DNS - Confirmed
MTU - Confirmed
ICMP - Confirmed
Xbox Live Service - Confirmed
NAT - Moderate
I've read at Xbox.com, if you can't connect to some online games (I can connect to some, but not all) then you need to make your NAT say "Open" instead of "Moderate"
It was explained as if you have a Moderate status, you can only play online with people having an Open or Moderate status. Also, if you have a Strict status, you can only play with people either with Open or Strict status.
To correct the problem, Microsoft said to forward ports UDP 88, and TCP/UDP 3074 to the 360's IP address.
The IP address assigned to the Xbox from the iMac appears to be outside my subnet. The IP is 192.168.2.***. My router's IP is 192.168.1.***.
In the router's online admin panel, I can only forward ports to IP addresses that begin with 192.168.1.***. Therefore, it won't allow me to forward the right ports on to the Xbox.
I had an idea that maybe if I could make an alias for the Xbox's IP address, so it would fool the router into thinking the Xbox was within it's subnet, I could forward the ports.
What do I know, though.
Hope I didn't confuse you! Please ask for clarification on anything!
Thank You
Your problem appears to be that you've essentially got two NAT routers in series and you can't generally make port forwarding work that way. You need to turn off NAT (Internet sharing) on the Mac and have it just put the Xbox on your LAN, but I'm not sure how to do that.
EDIT: Perhaps to clarify more: Both your BEFSW and the Mac are translating local addresses to "public" ones except that the Mac is creating it's own private subnetwork for the Xbox.
B
EDIT: Perhaps to clarify more: Both your BEFSW and the Mac are translating local addresses to "public" ones except that the Mac is creating it's own private subnetwork for the Xbox.
B
Hmm, makes sense. I have not the slightest clue how to do that though.
Btw guys, just so you know, you so far are being 10x more helpful than Linksys support. They didn't know crap.
I can suggest search terms. Basically you want your Mac to provide Ethernet bridging between the wireless and wired ports.
EDIT: These might help:
http://www.macosxhints.com/article.php?story=20060930205108232
http://www.macosxhints.com/article.php?story=20020914100451316
B
Sure you can. You would just need to set up another forward on the iMac to handle the extra layer. OS X internet sharing uses BSD's ipfw and you can just add a forward from the command line. Google ipfw (not the university in my home town...) and it should give you some info.
Better yet, there is a gui available. Flying Butress is the old Brickhouse and it should work fine under Tiger. Just use it to set up another forward on those ports and everything should work fine.
The easiest thing you can do, however, is just to hook it directly in to your router.
You might be able to get it to work, but NAT behind NAT is completely unnecessary here. The articles I linked above suggest a number of ways of just having the Mac bridge between the two connections.
B
I agree with that wholeheartedly and this is essentially what bridging would do.
B
Unless you have a specific need to subnet, stick with bridging exactly as balamw suggested. If you're having your router dish out IP's, have the iMac relay it as well.
Alright guys, I tried the software and it doesn't work. My NAT is still Moderate. I'm going to try some of Balamw solutions. Don't give up on me!
THANK YOU SO MUCH
I'm assuming you just installed it. You have to configure a forward as well.
FWIW. I read the articles rather than skimming and they are lacking.
One uses the built-in internet sharing and the other also creates a router instead of a true bridge. While a bit easier to set up than the NAT behind NAT (IMHO) it's still too complicated.
EDIT Here's a FreeBSD link on ipfw and bridging that might also apply to OS X http://www.phildev.net/ipf/IPFfreebsd.html
B
One uses the built-in internet sharing and the other also creates a router instead of a true bridge. While a bit easier to set up than the NAT behind NAT (IMHO) it's still too complicated.
EDIT Here's a FreeBSD link on ipfw and bridging that might also apply to OS X http://www.phildev.net/ipf/IPFfreebsd.html
B
I agree about that. If you can change away from NAT, do so. You are already behind one on your main network and this 2nd one does add complexity. I'll admit, I'm just so used to subdomains and maintaining network infrastructure that I overlooked this.
tuartboy, I configured the forwards as well. I'm going to try out the first link balamw posted, but I'm still confused and am looking for a step by step solution.
Thanks Again
EDIT: Should I go ahead with what the first link said, to change the parameters in the /etc/hostconfig file?
EDIT2: Should I go ahead with the link just posted by balamw about FreeBSD?
^^Sorry, when it comes to networking and such i'm useless.
Thanks Again
EDIT: Should I go ahead with what the first link said, to change the parameters in the /etc/hostconfig file?
EDIT2: Should I go ahead with the link just posted by balamw about FreeBSD?
^^Sorry, when it comes to networking and such i'm useless.
Interesting. Sorry, it's been too long since I used it to help you out with it. Well, I *must* sleep now and I hope you have this figured out by morning. I'll check in tomorrow sometime to see what's up.
Good luck!
As many of the comments there suggest the link is setting up a router not a bridge, which is still too complex as it partitions your network. I missed it for the same reason as tuartboy, I'm too used to slapping these things together and making them work.
Here's another FreeBSD link which I don't know if applies to Darwin.
http://www.chrishowells.co.uk/index.php?content=5
EDIT: Here's Wiki link on what I remember to be the problem of NAT behind NAT. http://en.wikipedia.org/wiki/NAT_traversal. It might work if the two NAT implementations are aware of each other, but in general NAT behind NAT doesn't work well if you need to port forward.
B
Aww guys I'm so confused by that FreeBSD. I really don't know what to do, I don't want to ruin the OS by changing the wrong parameters in the core system files / etc. Do you guys think I should go ahead with it? Is it worth the trouble?
Have you considered just getting a "wireless gaming adapter" for the Xbox? They can be had for ~$60-$100 and would avoid you having to plug the Xbox into the Mac at all.
FWIW unless you take the extra steps to make changes to kernel options/routing tables persist across reboots they'll simply vanish the next time you restart the Mac.
B
FWIW unless you take the extra steps to make changes to kernel options/routing tables persist across reboots they'll simply vanish the next time you restart the Mac.
B
Yeah, that seems to be the best option. Maybe i'll see what I can find tomorrow. I'm pretty tired, I'm going to head off to bed. Maybe if I feel like it I'll start on my endless search again. Anyway, thank you so much balamw & tuartboy & the others that replied.
-
-