dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
share rss forum feed


NetFixer
Freedom is NOT free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

4 edits
reply to MrMazda86

Re: Disable NAT on Vonage V-Portal

said by MrMazda86:

That all depends on how your provider forwards things to make the different IP addresses work. With NAT disabled, the PPPoE link gets established from the Vonage ATA, which then allows it direct connectivity while effectively using it as a hopping point to be able to directly expose the LAN IP as an internet IP. This is pretty common with a subnet.

It has nothing to do with subnetting or anything else that the internet service provider controls. It has to do with what a Vonage ATA/router does when you disable NAT on its WAN interface. I have tried this now with two different Vonage ATA/routers (a Cisco/Linksys RTP300 and a Motorola VT2442) and neither one of them bridged the public IP address to their LAN interface. Instead, they simply became standalone ATA devices with no bridge or router passthrough for IP traffic.

The only way either of those devices would allow LAN/WAN communication was with NAT/Router functions enabled. In that mode, if you enable DMZ for a single device on their LAN, that device is directly visible to the Internet (currently both my Linux and Windows servers operate behind their respective Vonage ATA/router boxes with no problems whatsoever). Yes, that uses NAT, but I don't think you are going to be able to get around that if you continue to use Vonage and try to share a single public IP address with both the Vonage ATA/router and a PC connected behind it. Vonage is a "do it our way" company; if you want a "do it your way" company you are going to have to look somewhere else for your VoIP service.

As for the Vonage box establishing the PPPoE connection, I thought that you said that your DSL router had to do that, and then the devices behind it would directly use the public IP addresses that your ISP provided to you and that you setup in that router's config. And FWIW, I have done PPPoE from Vonage boxes in the past, and the public IP address in that mode is assigned to the Vonage box's WAN; it is not passed through to its LAN (or to devices connected to its LAN).

However, if we are back to you being able to do multiple PPPoE sessions for multiple devices, then you may be able to get away with using the PPPoE PassThrough mode in the Vonage box. My VDV23 supports PPPoE PassThrough, and I am pretty sure that the Vonage Vportal box does it too. That is something that I have never tried with a Vonage box because the older Vonage ATA/routers I have used did not support it, and my current ISP uses DHCP instead of PPPoE.

said by VDV23 :

PPPoE PassThrough

Allows PCs connected to your LAN to use the PPPoE client software provided by your ISP to connect to a PPPoE server on the Internet. By enabling PPPoE PassThrough you allow multiple users, each with their own PPP user name and password, to share your DSL connection.



--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

MrMazda86

join:2013-01-29
Kitchener, ON

1 edit

I think that's where you're not understanding the setup... The modem currently establishes the PPPoE link with NAT disabled so that I can create my LAN using the static subnet that I have been issued. Effectively, the IP address (public IP) that gets assigned to the PPPoE link remains "invisible", while the IP addresses on the LAN are what show up as the IP address from which I am connecting.

If I were to use the V-Portal to establish the PPPoE link, I would then bridge the modem because with the way it is setup, you are limited to only ONE PPPoE link because there is only ONE IP address for which it will be assigned.

As for not allowing the pass through of IP traffic, that is not entirely the case. When NAT is disabled, there is nothing to translate the IP address, as to make the public IP visible to the outside, while making the switch back and forth between the LAN and WAN IP. When NAT is disabled, no such translation is made, so if your established LAN IP addresses are not routed by your provider to your static public IP, the result that you will end up with will appear to be a useless device connection. If the proper routing is in place by your provider however, your LAN IP addresses will be the ones to appear as though they are connecting to the internet directly, which bypasses the need for any such port forwarding.

This is the whole reason why most routers enforce NAT because it's the only way to allow a change in the IP address. Without it as I mentioned, there is no translation of the IP address, which leaves you with a situation where the traffic cannot be processed through the device because the IP address that is showing as the origin is not a routable IP address. In such a case where NAT is disabled, the IP address for the PPPoE connection becomes a "hop" point for which relays the traffic, without the need to translate the address.

This is actually a common and pretty standard method of networking actually.

Also, while I'm on that note, I can tell you from experience that establishing multiple PPPoE links through the same modem is a GREAT way to lead to network instability and reliability issues, especially when more than one user is doing anything that requires any amount of traffic because it allows for the line to much more easily (and quickly) get congested. Aside from that, there's also an issue that will rear its ugly head under higher traffic loads where latency will become RIDICULOUS as compared to only establishing a single PPPoE link, which in a lot of cases will also result in random (and frustrating I assure you) packet loss. I can confirm this for fact from having done this for a number of years before switching to the setup that I'm currently on.

As well, if you don't have a subnet established with the routing in place, normally, disabling NAT on any routing device (be it a Vonage Adapter or otherwise) will produce the illusion of not being able to route any connectivity through the device. This is also a pretty standard thing with every single routing device of any kind that I have ever worked with. The routing tables and such must be in place to allow the LAN subnet to be directly exposed. In most cases, NAT is needed because most users don't have a subnet in which is already established to be able to do this and have it work. That's where the problem will lay.



NetFixer
Freedom is NOT free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

I understand how routed subnets work; the problem is that you seem to keep changing your story about how your network is configured. The subject of doing the PPPoE on the Vonage box was brought up by you, not by me. I only offered you a possible solution if you indeed could get multiple PPPoE sessions from your ISP (which some ISPs do allow...AT&T for example allows this for business class accounts).

What I have tried to explain to you is that what you want to do with your Vonage Vportal box is not going to work because my testing shows me that the Vonage firmware will not allow it to work. You can chose to believe that or not.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.