Hi Guys,
i have the Problem with double NAT and i have no idea how to disable NAT on the 845L
my Network looks like the following:
- ISP connection via PPoE, one single dynamic public IP
- D-Link DSL-321B/DE Modem, HW-Rev: D2, FW: DE_1.02 (mentioned on the label), running in bridge mode
- Modem is connected to pf-Sense at the WAN interface (Firewall distro on a PC Engines APU 1.c4)
- pf-Sense is running PPoE, NAT, Routing, DHCP (for DMZ only)
- DMZ interface isn't a problem right now, cause theres only a layer 2 switch
- LAN interface: Link to the 845L
- D-Link DIR 845L, HW-Rev: A1, FW: 102b07 (upgraded just this day)
- 845L is running DHCP for the LAN/WLAN
- pf-Sense is connected to the WAN interface of the 845L with static IP configuration, just a transport Net with a /30 prefix. Static route is setup at the firewall, but not needed cause of the double NAT
My Problem now:
The configuration above is producing the double NAT issue! Because of the DMZ connected to the firewall, the firewall has to do the NAT! But i cannot find any option to disable the NAT on the 845L.
Other setup was to run the 845L in access point mode (with the "no Style" trick). This turned the 845L in an unmanageable switch with no WLAN. Did i something wrong or is the 845L not capable of it?
My last idea was to connect the firewall not to the WAN port of the 845L. Instead i used a usually switch port. Now, the 845L cannot send the right gateway via DHCP to the clients, cause it assumes the gateway to be at the WAN port. I disabled the DHCP on the 845L and configured it at the firewall. This option works quite good, but my WLAN clients don't get a DHCP lease, i am suggesting the 845L splits these to different media (LAN/WLAN) in different broadcast zones. I am missing an option to enable broadcast forwarding or DHCP relay agent...
Would be great, if someone could help me.
Author
Topic: DIR 845L running behind a firewall with NAT enabled (Double NAT) (Read 5345 times)