apple extreme base station problem
alf2016a
Enthusiast - Level 2

Hello, I have a Apple Airport Extreme 802.11n base station that worked fine with a Comcast router.  When setting up with Comcast router, I set the comcast router as a bridge and the Airport Extreme did all the work as the primary router. When I switched to Verizon FIOS today, I got the typical double NAT error (which I did with the Comcast until setting up the Comcast router as a bridge).  However, the FIOS tech support guy said that was not an option so he setup my Airport Extreme in the bridge mode - router mode off.  This really screws up incoming access using SSH, Timbuktu, or Apple Screen Sharing since I can't assign fixed IP addresses for computers on my network and can't use the Port Settings option in Network in Airport Utility to open 'pipes' for a particular computer.  Plus, I'm more comfortable using the Airport Extreme rather than the FIOS stuff. Anyone have suggestions other than going back to Comcast?

0 Likes
1 Solution

Correct answers
Re: apple extreme base station problem
lasagna
Community Leader
Community Leader

If you have TV service, there really is no easy way to avoid the double-NAT scenario.  Vz relies on the services on their router to do MoCA bridging on the Coax so that their set-top boxes can get to the Internet as well as for providing the MoCA WAN to the internet facing side of the router.   You also need their router in order to allow them to program the proper port forwards for the set-top boxes so that all the remote access and remote control capabilities function.

I ran double-NAT for years with no issues as long as you understand that devices attached to or wifi connected to your router are on a different network than those on the Vz router or wifi.  If you don't understand these more advanced network concepts, then I would recommend one of the following to configurations for you:

1. Turn off the Wi-Fi on the Vz router (disable wireless in the administration page), assign a static IP address on the public side of your Airport on the Vz network or setup a DHCP permanent lease on the Vz router, and then place the Airport's public address in the "DMZ" on the Vz router configuration.   This will port forward all unused ports from the Internet to your Airport allowing you to control everything from there.

2. If the above sounds a bit confusing, then the better approach for you is to use "bridge mode" on your Airport.  Disable Wi-Fi on your Vz router in the administration page.   Attach to the Airport with the Airport Utility and set the Extreme into "bridge" mode.   Any port forwards, etc. will now have to be configured on the Vz router instead.  Your Extreme provides the Wi-Fi only.  This will eliminate the double-NAT for you.

View solution in original post

Re: apple extreme base station problem
mfizzy
Specialist - Level 1

If you have TV service, you need the verizon router. If you do not have tv service how does your Internet come for the ONT via a coax cable or ethernet? if it is ethernet, just remove the verizon router and use your router only. If service is over a coax cable call in to tech support to have your internet switched to ethernet. You will need to run an ethernet cable from your router to the ONT before you call in.

If you do have TV service, you technically can use your router first and connect the verizon router to a lan port on yours so the cable boxes have internet service. some features like caller id on tv and web remote will not work, but your guide and video on demand should. The same thing applies as above for needing internet over ethernet. As Im sure you know, you will not get any support from verizon with this setup.

0 Likes
Re: apple extreme base station problem
alf2016a
Enthusiast - Level 2

thanks to hippis!

I have triple play so phone/TV service too. I suppose I can try your option but will need to do some rewiring which will be a major hassle.  All my ethernet wires from devices end at the Airport base station while the Fios router (previously Comcast) is in the basement as is the phone (and TV) hookup. I suppose I could get some kind of hub/switch where the Airport is and then move the Airport in front of the FiOS router with an ethernet line coming from the hub to the Airport.

I suppose the other option is to ask Verizon about how I can route incoming ssh type connections to a particular computer on the home network.  I'm not optimistic that they'll have a fix?

Of course, the easiest fix is to go back to Comcast as soon as current contract ends.

0 Likes
Re: apple extreme base station problem
alf2016a
Enthusiast - Level 2

I should have checked veirizon router before last post since the input to router is a coaxial cable and not ethernet wire. Not sure how I would go into Verizon panel box that connects to outside line?  so unclear how to put Airport before Verizon router?

0 Likes
Re: apple extreme base station problem
mfizzy
Specialist - Level 1
Sounds like you may just need port forwarding turned on. Log into the router and select firewall settings at top and port fowarding. Create a rule to forward incoming traffic on ssh port to the computer it need to go to. Portforward.com should have info you need
0 Likes
Re: apple extreme base station problem
lasagna
Community Leader
Community Leader

If you have TV service, there really is no easy way to avoid the double-NAT scenario.  Vz relies on the services on their router to do MoCA bridging on the Coax so that their set-top boxes can get to the Internet as well as for providing the MoCA WAN to the internet facing side of the router.   You also need their router in order to allow them to program the proper port forwards for the set-top boxes so that all the remote access and remote control capabilities function.

I ran double-NAT for years with no issues as long as you understand that devices attached to or wifi connected to your router are on a different network than those on the Vz router or wifi.  If you don't understand these more advanced network concepts, then I would recommend one of the following to configurations for you:

1. Turn off the Wi-Fi on the Vz router (disable wireless in the administration page), assign a static IP address on the public side of your Airport on the Vz network or setup a DHCP permanent lease on the Vz router, and then place the Airport's public address in the "DMZ" on the Vz router configuration.   This will port forward all unused ports from the Internet to your Airport allowing you to control everything from there.

2. If the above sounds a bit confusing, then the better approach for you is to use "bridge mode" on your Airport.  Disable Wi-Fi on your Vz router in the administration page.   Attach to the Airport with the Airport Utility and set the Extreme into "bridge" mode.   Any port forwards, etc. will now have to be configured on the Vz router instead.  Your Extreme provides the Wi-Fi only.  This will eliminate the double-NAT for you.

Re: apple extreme base station problem
alf2016a
Enthusiast - Level 2

thanks for the suggestions.  From the advice rec'd, a few impressions:

1. Airport can not be put in front of verizon router

2. Getting a static IP has addiitonal cost

3. Connectivity from outside computer was problematic with double NAT and DHCP at least

4.  Port forwarding worked for filesharing and screen sharing on a mac using Verizon router and having Airport in bridge mode. My wireless network from my Airport worked for some reason and I could access from outside using port forwarding in Verizon router and assigning a fixed IP to target computer. Verizon wireless could be off or on - didn't matter.

5. Still trying to get Timbuktu to work but it's a discontinued product so low priority.

0 Likes
Re: apple extreme base station problem
epelba01
Newbie
What ports did you have to open for file and screen sharing to work? I have the same setup as yours which worked fine prior to my upgrade to MacOS SIerra.
0 Likes