This article explains when Double NAT could be an issue and what you can do to alleviate the issue.

What is NAT?

In computer networking, the process of Network Address Translation (NAT) involves re-writing the source and/or destination address of IP packets as they pass through a router. NAT allows multiple hosts on a private network to access the Internet using a single public IP address.

What is Double NAT?

You call it Double NAT when NAT is being performed not just on a router, but also on another device that is connected in front of it. In this case, the public/private network boundary doesn't exist on a router - it is on the other device, which means that both the WAN and LAN sides of your router are private networks. Misconfigured Double NAT scenario might lead to connectivity issues (call failures, URL Calling Disabled etc.), especially if one of the devices is an incompatible modem \ router.

Policy / Information

  • It is a good thing to check for possible double NAT when performing basic troubleshooting, so you will not miss a device that can possibly cause issues with voice services.
  • If the ISP provided modem is acting as a modem and a router, most of the time there is no way to disable SIP ALG on that modem/router. 
  • To detect Double NAT on a network, log into a router and look up the IP address of its WAN port. If you see an address in it means that the device the router's WAN port connects to is doing NAT, and hence, you're dealing with double NAT.
  • If you cannot access a router, perform a tracert (on Windows) or traceroute (on Mac) to, for example, 8.8.8.8. If you see a private IP address on a second hop - this means there is a Double NAT (which is not a bad thing when configured properly).
  • If a modem/router is running firmware that is interfering with VoIP (e.g. lacks an option to disable SIP ALG) to resolve the issue you need to bridge ISP modem/ router to a compatible router.
  • Bridging a modem/router to another router is a time-consuming operation and often requires an ISP participation. 
  • Depending on an ISP, full bridge mode can be enabled on a modem/router, or an IP passthrough/ software bridge.
  • In full bridge mode, the ISP modem/router is turned into a dumb device which passes information transparently to the second device - wifi and all ports except the one that is passing the data are disabled. In this case, if any ports on the modem/router were used to connect computers or phones they will probably no longer work and need to be connected into the second device. 
  • In an IP passthrough/software bridge mode only one port is used to pass the public IP address, and the other ports and WiFi will still work. Network Address Translation is not disabled on the modem/router in this case, which creates a double NAT situation that does not cause any issues, hereby does not need to be further corrected.
  • Regardless of the bridging mode type all the devices, including the wireless need to be moved over to the new compatible router. 
 
For recommended network configurations refer to Basic Network Diagrams.

Is this answer helpful?

Haven't found what you're looking for? Search the Support Center!
Print Article
Article Information

Article ID: 14069

Last updated on: 01/04/2024 05:37 AM

Product: {{item.Name}}{{$index < (answer.Products.length-1) ? ', ' : ''}}

Internal Only
Partner Article

Tags: {{item.trim()}}{{$index < (answer.Keywords.length-1) ? ', ' : ''}}

Attachments:
Related Articles