ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Can't download Windows Updates or visit Microsoft.com

    Scheduled Pinned Locked Moved IT Discussion
    microsoftdowncomcast
    38 Posts 8 Posters 13.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DashrenderD
      Dashrender @scottalanmiller
      last edited by

      @scottalanmiller said:

      @Dashrender said:

      Double NAT? is everyone here running two routers in series behind their ISP's connection?

      Not me.

      OK good I thought I had missed something completely.

      ? 1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender @PSX_Defector
        last edited by

        @PSX_Defector said:

        @thecreativeone91 said:

        @Dashrender said:

        Double NAT? is everyone here running two routers in series behind their ISP's connection?

        Not me. Never done that. I hate double nat.

        Thing is, lots of folks don't know or cannot configure stuff.

        When I was at the big blue Borg, had lots of folks who would double NAT a device behind a 2wire. Caused all kinds of weird shit when attempting to browse to Yahoo's mail site. Current U-Verse equipment unless properly configured will wind up with a double NAT scenario. Even configured differently will only be pseudo-public. Same thing happens at the big red V on their equipment.

        Comcast has delivered lots of "routers" to folks so we wind up with lots of double NAT. And those devices are much harder to modify to bridge mode. Same thing with Time Warner, Cox, and Charter.

        Sometimes its unavoidable. But it does fun things when you try it. Hence why every ISP will tell you to remove any third party equipment from their stuff to troubleshoot. Its not just because they are from a certain subcontinent and reading from a script. Clearing cache and cookies, yeah, that's in the script. 🙂

        You're right, I forgot that some ISPs are now starting to provide NAT'ed connections to customers. If those customers want to protect themselves from the ISP, they have to install their own firewall, and poof double NAT'ing. One reason why I always suggest getting a separate cable modem and router when possible.

        1 Reply Last reply Reply Quote 0
        • ?
          A Former User @Dashrender
          last edited by A Former User

          @Dashrender said:

          @scottalanmiller said:

          @Dashrender said:

          Double NAT? is everyone here running two routers in series behind their ISP's connection?

          Not me.

          OK good I thought I had missed something completely.

          People are recomeding double NAT over there as a security practice. It gives you better security they claim to have two firewalls. So apparently some are.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @A Former User
            last edited by

            @thecreativeone91 said:

            I bought my modem myself rather than Through Comcast so luckily I didn't have to deal with their crappy modems.

            Anyway it all randomly started working lastnight. Microsoft started working again. No more high latecny and no constant loss of connection. No idea what happened as I didn't change anything.

            Maybe the ISP had an upstream problem? I've seen this before when they had a bad route and whole sections of the internet were inaccessible.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @A Former User
              last edited by

              @thecreativeone91 said:

              @Dashrender said:

              @scottalanmiller said:

              @Dashrender said:

              Double NAT? is everyone here running two routers in series behind their ISP's connection?

              Not me.

              OK good I thought I had missed something completely.

              People are recomeding double NAT over there as a security practice. It gives you better security they claim to have two firewalls. So apparently some are.

              Double firewalls does not equal double NAT. Double firewalls used to be a standard practice and enterprises all still do this. But I know of none that do double NAT, many don't do NAT at all.

              ? 1 Reply Last reply Reply Quote 0
              • ?
                A Former User @scottalanmiller
                last edited by

                @scottalanmiller said:

                @thecreativeone91 said:

                @Dashrender said:

                @scottalanmiller said:

                @Dashrender said:

                Double NAT? is everyone here running two routers in series behind their ISP's connection?

                Not me.

                OK good I thought I had missed something completely.

                People are recomeding double NAT over there as a security practice. It gives you better security they claim to have two firewalls. So apparently some are.

                Double firewalls does not equal double NAT. Double firewalls used to be a standard practice and enterprises all still do this. But I know of none that do double NAT, many don't do NAT at all.

                Yes of course. But in this case they are reccomeding using two routers.

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @A Former User
                  last edited by

                  @thecreativeone91 said:

                  Yes of course. But in this case they are reccomeding using two routers.

                  Right, that's what I'm saying. Two routers and/or two firewalls doesn't suggest double NAT.

                  ? JaredBuschJ 2 Replies Last reply Reply Quote 0
                  • ?
                    A Former User @scottalanmiller
                    last edited by

                    @scottalanmiller said:

                    @thecreativeone91 said:

                    Yes of course. But in this case they are reccomeding using two routers.

                    Right, that's what I'm saying. Two routers and/or two firewalls doesn't suggest double NAT.

                    If it's configured in that way. But they way they were suggestion is is using the second NAT to separate business related in the same building (parent company from sister company etc.) instead of using a single router with a firewall and separate subnets for each.

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • nadnerBN
                      nadnerB
                      last edited by

                      I don't see the point in over complicating it by using double NAT.
                      It just makes things more difficult for the poor bunny that has to troubleshoot it.

                      1 Reply Last reply Reply Quote 1
                      • ?
                        A Former User
                        last edited by A Former User

                        This is just one of them I've seen recently. http://community.spiceworks.com/topic/859078-soho-router-to-router-dchp-works-static-doesnt

                        1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @A Former User
                          last edited by

                          @thecreativeone91 said:

                          @scottalanmiller said:

                          @thecreativeone91 said:

                          Yes of course. But in this case they are reccomeding using two routers.

                          Right, that's what I'm saying. Two routers and/or two firewalls doesn't suggest double NAT.

                          If it's configured in that way. But they way they were suggestion is is using the second NAT to separate business related in the same building (parent company from sister company etc.) instead of using a single router with a firewall and separate subnets for each.

                          That's different then.

                          ? 1 Reply Last reply Reply Quote 0
                          • ?
                            A Former User @scottalanmiller
                            last edited by

                            @scottalanmiller Yeah. He flagged all of my responses as unrelated because his question was about removing a double NAT or setting up multiple subnets. And they were deleted.

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @A Former User
                              last edited by

                              @thecreativeone91 said:

                              @scottalanmiller Yeah. He flagged all of my responses as unrelated because his question was about removing a double NAT or setting up multiple subnets. And they were deleted.

                              Wait... they got deleted? Seriously?

                              1 Reply Last reply Reply Quote 1
                              • scottalanmillerS
                                scottalanmiller
                                last edited by

                                They'd better not delete my posts for trying to help him understand where his problems are. What a load of crap.

                                1 Reply Last reply Reply Quote 1
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  Similar...

                                  http://www.rferl.mobi/a/how-to-guide-russian-trolling-trolls/26919999.html

                                  1 Reply Last reply Reply Quote 1
                                  • ?
                                    A Former User
                                    last edited by

                                    A Comcast tech I know said they had an issue with MTU being wrong which caused issues with packets being dropped.

                                    1 Reply Last reply Reply Quote 0
                                    • JaredBuschJ
                                      JaredBusch @scottalanmiller
                                      last edited by

                                      @scottalanmiller said:

                                      Right, that's what I'm saying. Two routers and/or two firewalls doesn't suggest double NAT.

                                      Yes it does. The typical SoHo gear does not have the routing capability out of the box to do any BUT basic NAT. This means double NAT always.

                                      Additionally, the only way most people know how to set up gear is static/DHCP WAN and a NAT to the LAN.

                                      So again, yes, two routers immediately suggests double NAT.

                                      This does not mean two router technically suggests a double NAT, as it does not. But that is not a standard in practice skill.

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @JaredBusch
                                        last edited by

                                        @JaredBusch said:

                                        @scottalanmiller said:

                                        Right, that's what I'm saying. Two routers and/or two firewalls doesn't suggest double NAT.

                                        Yes it does. The typical SoHo gear does not have the routing capability out of the box to do any BUT basic NAT. This means double NAT always.

                                        Additionally, the only way most people know how to set up gear is static/DHCP WAN and a NAT to the LAN.

                                        So again, yes, two routers immediately suggests double NAT.

                                        This does not mean two router technically suggests a double NAT, as it does not. But that is not a standard in practice skill.

                                        But no IT pro or business would seriously suggest home equipment and even sub $100 business gear doesn't require NAT. Anyone in this category falls below the "business" line. It is and always has been standard to have double routers, but not double NAT, in business. This is common from both networking and systems training sides. That somewhere some confused home users suggest double NAT doesn't mean that IT recommendations of double routers suggests double NAT, or any NAT.

                                        1 Reply Last reply Reply Quote 0
                                        • ?
                                          A Former User
                                          last edited by

                                          If you use NAT for "security" what the heck do they plan on doing when IPv6 is mainstream. I don't think that guy understands PCI compliance either.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 1
                                          • scottalanmillerS
                                            scottalanmiller @A Former User
                                            last edited by

                                            @thecreativeone91 said:

                                            If you use NAT for "security" what the heck do they plan on doing when IPv6 is mainstream. I don't think that guy understands PCI compliance either.

                                            No, not at all. And several people in that thread even said that they wouldn't actually recommend double NAT, just double routers. In the case of the OP, he isn't saying that he wants to do it but that he refuses to explain how to do things well. Basically, he doesn't care at all about the client and is unclear on where his demarcation point is because he keeps flip flopping on that point in order to shut down whoever is trying to help him at the particular moment.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 2 / 2
                                            • First post
                                              Last post