Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
447 posts

Ultimate Geek
+1 received by user: 168

Subscriber

  Reply # 2185760 23-Feb-2019 10:43
One person supports this post
Send private message quote this post

I don't know much about Trustpower, so hopfully some one else here will know if they use a CGNAT setup for their network.

 

If they do us CGNAT, you will have to request a puplic static IP address from them. There will most likely be a cost for this, assuming they can do it at all.


5355 posts

Uber Geek
+1 received by user: 1828


  Reply # 2185763 23-Feb-2019 10:57
Send private message quote this post

barrynz:

 

How do i manage to browse the web then?

 

 

You don't need a public IP to browse the web. Their connections are CG-NAT by default, so you have another level of NAT. The WAN IP of your router is not a public IP, so you will never be able to connect from outside.


 
 
 
 


523 posts

Ultimate Geek
+1 received by user: 114


  Reply # 2185766 23-Feb-2019 11:09
Send private message quote this post

As you dont have a public facing IP your options are limited.

 

One possible solution is something like this: https://www.dataplicity.com/

 

You will be putting your trust into them as the way it works is you have a host (Raspberry Pi in this case...but doesnt have to be) that holds a session option to Dataplicity. You then connect to your host through Dataplicity - its essentially a (very limited) proxy.  I have used this in the past, but have since moved to a full VPN set up.


5355 posts

Uber Geek
+1 received by user: 1828


  Reply # 2185767 23-Feb-2019 11:13
Send private message quote this post

Or request a public IP from TrustPower, or move to an ISP that provides public IPs by default.


697 posts

Ultimate Geek
+1 received by user: 86

Lifetime subscriber

  Reply # 2185769 23-Feb-2019 11:23
Send private message quote this post

A possible way to check if you are behind a CGNAT is explained here:

 

https://superuser.com/questions/713422/how-would-i-test-to-see-if-im-behind-carrier-grade-or-regular-nat

 

 





Gordy


6547 posts

Uber Geek
+1 received by user: 457

Trusted
Subscriber

  Reply # 2185771 23-Feb-2019 11:28
One person supports this post
Send private message quote this post

If you stay with this service with CG-NAT you could resort to using something like Chrome remote desktop and connect to a machine inside your network.

 

Alternatively, I recently helped a mate with a similar issue get around this problem, used a cheap linux machine in aws that I had setup for other purposes, used reverse ssh tunnels to connect and jumped through the nat, all sorted in a few minutes, although with that exact solution it assumes you are happy with simple ssh tunnels (simple but fast). You could do a similar thing with more complex ipsec or other vpns and use the aws machine as the hub and dailin from both your home and remote machines and route between.

 

Cyril


435 posts

Ultimate Geek
+1 received by user: 144


  Reply # 2185772 23-Feb-2019 11:44
Send private message quote this post

You need to check if Trustpower are provisioning you with a real world IP address or CGNAT. CGNAT gives you a private IP address, so you still get out but setting up VPNs and web servers cannot happen.

 

I can't tell if they run CGNAT (see posts above to check your IP), but they do offer static IP's for $5 a month: https://ask.trustpower.co.nz/app/answers/detail/a_id/185/~/static-ip

 

Also make sure you setup 2 factor authentication (aka One Time Passwords on the Sonicwall), it's free and worth doing.




34 posts

Geek


  Reply # 2185794 23-Feb-2019 12:39
Send private message quote this post

vulcannz:

 

You need to check if Trustpower are provisioning you with a real world IP address or CGNAT. CGNAT gives you a private IP address, so you still get out but setting up VPNs and web servers cannot happen.

 

I can't tell if they run CGNAT (see posts above to check your IP), but they do offer static IP's for $5 a month: https://ask.trustpower.co.nz/app/answers/detail/a_id/185/~/static-ip

 

Also make sure you setup 2 factor authentication (aka One Time Passwords on the Sonicwall), it's free and worth doing.

 

 

 

 

Yeah i think they are using CGNAT - hence the wan port is getting this range of RFC 6598 states that 100.64.0.0/10.

 

I think i got the answer, CGNAT feature is limiting us to be accessed from outside home net, i think i have to go ahead with static IP then, which is 5$ :).

 

 

 

 




34 posts

Geek


  Reply # 2185801 23-Feb-2019 12:42
Send private message quote this post

barrynz:

 

vulcannz:

 

You need to check if Trustpower are provisioning you with a real world IP address or CGNAT. CGNAT gives you a private IP address, so you still get out but setting up VPNs and web servers cannot happen.

 

I can't tell if they run CGNAT (see posts above to check your IP), but they do offer static IP's for $5 a month: https://ask.trustpower.co.nz/app/answers/detail/a_id/185/~/static-ip

 

Also make sure you setup 2 factor authentication (aka One Time Passwords on the Sonicwall), it's free and worth doing.

 

 

 

 

Yeah i think they are using CGNAT - hence the wan port is getting this range of RFC 6598 states that 100.64.0.0/10.

 

I think i got the answer, CGNAT feature is limiting us to be accessed from outside home net, i think i have to go ahead with static IP then, which is 5$ :).

 

 

 

 

 

This is from their site:

 

 

 

 

NAT type

 

How can I resolve my NAT type issues? 

 

 

 

 

 

NAT (Network address translation) is the ability of a modem to translate a public IP address to a private IP address and vice versa.

 

 

 

Gaming consoles often encounter NAT related issues which result in a poor gaming experience. If you are experiencing issues with a "strict" NAT type, please contact us and we can make sure CGN is turned off for your connection, this should resolve most NAT type issues. 

 

 

 

If this doesn't help, you may need to port forward,  and change your NAT type to either moderate or open. This is not a function supported by the Trustpower technical support team, you will need to use the Port Forward website.

 

 

 

 

 


5355 posts

Uber Geek
+1 received by user: 1828


  Reply # 2185805 23-Feb-2019 12:52
Send private message quote this post

barrynz:[snip] If you are experiencing issues with a "strict" NAT type, please contact us and we can make sure CGN is turned off for your connection, this should resolve most NAT type issues.     

 

This is what you need to do. You need a public (i.e. non NATed) address. Having a static address will make it easier, but this is not required. A dynamic public address with a dynamic DNS resolver will work fine.


435 posts

Ultimate Geek
+1 received by user: 144


  Reply # 2186614 25-Feb-2019 07:17
Send private message quote this post

Note if you do get a dynamic public address the Sonicwall also supports dynamic dns services (like DynDNS).


364 posts

Ultimate Geek
+1 received by user: 65

Trustpower

  Reply # 2186656 25-Feb-2019 08:50
Send private message quote this post

Hi @barrynz

 

As others have mentioned, Trustpower can provide a dynamic public IP for free or a Static IP for $5 per month.

 

If you would like either option, you should be able to contact our Webchat team via trustpower.co.nz to sort this out for you.
Alternatively if you want to PM me your account details, phone number and best time to call and I can organize someone from our Tech Support to give you a call to sort this out as well.

 

Thanks, 

 

Tane





Any comments made are my personal views and does not represent those of my employer


1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic


Donate via Givealittle


Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon introduces new Kindle with adjustable front light
Posted 21-Mar-2019 20:14


A call from the companies providing internet access for the great majority of New Zealanders, to the companies with the greatest influence over social media content
Posted 19-Mar-2019 15:21


Two e-scooter companies selected for Wellington trial
Posted 15-Mar-2019 17:33


GeForce GTX 1660 available now
Posted 15-Mar-2019 08:47


Artificial Intelligence to double the rate of innovation in New Zealand by 2021
Posted 13-Mar-2019 14:47


LG demonstrates smart home concepts at LG InnoFest
Posted 13-Mar-2019 14:45


New Zealanders buying more expensive smartphones
Posted 11-Mar-2019 09:52


2degrees Offers Amazon Prime Video to Broadband Customers
Posted 8-Mar-2019 14:10


D-Link ANZ launches D-Fend AC2600 Wi-Fi Router Protected by McAfee
Posted 7-Mar-2019 11:09


Slingshot commissions celebrities to design new modems
Posted 5-Mar-2019 08:58


Symantec Annual Threat Report reveals more ambitious, destructive and stealthy attacks
Posted 28-Feb-2019 10:14


FUJIFILM launches high performing X-T30
Posted 28-Feb-2019 09:40


Netflix is killing content piracy says research
Posted 28-Feb-2019 09:33


Trend Micro finds shifting threats require kiwis to rethink security priorities
Posted 28-Feb-2019 09:27


Mainfreight uses Spark IoT Asset Tracking service
Posted 28-Feb-2019 09:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.