Results 1 to 8 of 8
  1. #1
    Join Date
    Jan 2008
    Posts
    640

    How to Setup Dymamic DNS on a Double NAT Network using 2 Routers?

    Hi,

    On my small office network i have 2 routers on my network. One is from my internet ISP provider and the other one is my own personal Draytek 2130 router, that is who managed all my internal office network. In a simple way my ISP router is there only to pass internet signal.

    First problem that I have is that my internet provider does not allows for dedicated ipís, so I have dynamic ip.

    Second problem that I have is that my ISP router does not allows to be set just as a modem or in a bridge mode. So what I have done was to connect it from LAN to my Draytek WAN and then I activate DMZ on my ISP router putting there my Draytek router IP.

    Now I have a NAS server inside my network who I need outside access so I need to setup a Dynamic DNS service and I have chosen Dyndns and I want it to be setup directly on the router.

    Regarding this I have one question:

    1- Both my ISP and my Draytek routers support and have available on their Administration page the option to activate Dynamic DNS with Dyndns. So should I setup the Dyndns account only on my Draytek router, or just on the ISP router or on both?

    I appreciate anyone who can advice me on this.

    Thanks

  2. #2
    Join Date
    Mar 2012
    Posts
    1,153
    Setup dyndns into your ISP router.

    In case of needing to open a port (port forwarding), then por forward in your ISP router pointing to your 2nd internal router, then in that internal router port forward to the machine.

    Example port 81:

    Router ISP->Forward port 81 to Internal Router IP->Then Internal Router forward 81 to pc / server/ device.

    Basically double port forwarding.

  3. #3
    Join Date
    Jan 2008
    Posts
    640
    Quote Originally Posted by HRR1963 View Post
    Setup dyndns into your ISP router.

    In case of needing to open a port (port forwarding), then por forward in your ISP router pointing to your 2nd internal router, then in that internal router port forward to the machine.

    Example port 81:

    Router ISP->Forward port 81 to Internal Router IP->Then Internal Router forward 81 to pc / server/ device.

    Basically double port forwarding.
    Hi HRR1963,

    Thanks for your advice. I will setup my Dyndns account on the ISP router.

    As per port forward, i already have activate DMZ on the ISP Router to point to my own Draytek 2130 router, so do i still to open ports? A fried told me that if i put the Draytek router IP as DMZ on the ISP router, i do not have to manually open ports, because as being on DMZ all ports are open by default. Is this correct?

    Thanks

  4. #4
    Join Date
    Mar 2012
    Posts
    1,153
    Quote Originally Posted by pedrojose View Post
    Hi HRR1963,

    Thanks for your advice. I will setup my Dyndns account on the ISP router.

    As per port forward, i already have activate DMZ on the ISP Router to point to my own Draytek 2130 router, so do i still to open ports? A fried told me that if i put the Draytek router IP as DMZ on the ISP router, i do not have to manually open ports, because as being on DMZ all ports are open by default. Is this correct?

    Thanks
    I will not recommend you to apply a double DMZ. Just for security at least don't do it at the internal router. Imagine you having a program that run as service that open a port, and you don't know it, somebody scan your ip and bam found the port and is running a vulnerable service, BAM raped.

    Don't do it. Port forward. Also disable upnp

  5. #5
    Join Date
    Jan 2008
    Posts
    640
    Quote Originally Posted by HRR1963 View Post
    I will not recommend you to apply a double DMZ. Just for security at least don't do it at the internal router. Imagine you having a program that run as service that open a port, and you don't know it, somebody scan your ip and bam found the port and is running a vulnerable service, BAM raped.

    Don't do it. Port forward. Also disable upnp
    Hi HRR1963

    Thanks for your advice.

    Regarding DMZ i will not have Double DMZ because im only go to turn DMZ ON on the ISP router pointing to my Draytek router. On the Draytek router DMZ will be turned OFF.

    So in a simple way, i will only have DMZ enable on the ISP router pointing to the IP of my Draytek router.

    This is ok, correct? How can i by doing this still have double dmz?

    Please clarify me on this.

    Thanks

  6. #6
    Join Date
    Mar 2012
    Posts
    1,153
    I though you said you were going to apply dmz in both routers. Well if not, perfect, but remember that you will have to port forward in the internal router for the NAS or whatever device you need to be able to see from the outside..


    Quote Originally Posted by pedrojose View Post
    Hi HRR1963

    Thanks for your advice.

    Regarding DMZ i will not have Double DMZ because im only go to turn DMZ ON on the ISP router pointing to my Draytek router. On the Draytek router DMZ will be turned OFF.

    So in a simple way, i will only have DMZ enable on the ISP router pointing to the IP of my Draytek router.

    This is ok, correct? How can i by doing this still have double dmz?

    Please clarify me on this.

    Thanks

  7. #7
    Join Date
    Jan 2008
    Posts
    640
    Quote Originally Posted by HRR1963 View Post
    I though you said you were going to apply dmz in both routers. Well if not, perfect, but remember that you will have to port forward in the internal router for the NAS or whatever device you need to be able to see from the outside..
    Hi HRR1963,

    Once again thanks for your advice. Regarding Port Forward on my Draytek Router to my NAS, im at the moment using a Western Digital My Book Live connected using LAN to the router. Im using this device as external shared drive for a Windows Homegroup Network and i also have enable on it the FTP Serve feature.

    Also i will setup a VPN on the Draytek router in order form me to access the WD Drive outside the office.

    So i think i will have to ask Western Digital support directly what ports do i have to open / forward? Or with this information you can tell me what ports do i need to open?

    Thanks

  8. #8
    Join Date
    Mar 2012
    Posts
    1,153
    Quote Originally Posted by pedrojose View Post
    Hi HRR1963,

    Once again thanks for your advice. Regarding Port Forward on my Draytek Router to my NAS, im at the moment using a Western Digital My Book Live connected using LAN to the router. Im using this device as external shared drive for a Windows Homegroup Network and i also have enable on it the FTP Serve feature.

    Also i will setup a VPN on the Draytek router in order form me to access the WD Drive outside the office.

    So i think i will have to ask Western Digital support directly what ports do i have to open / forward? Or with this information you can tell me what ports do i need to open?

    Thanks
    If you are setting up a VPN then there is no need to forward ports related to the NAS.

    In any case you just have to port forward and/or create a firewall rule to allow the VPN ->IF the router itself dont do it when creating the VPN.

Similar Threads

  1. DNS, NAT, and Plesk not play nice. Any Ideas?
    By Sourcer in forum Hosting Security and Technology
    Replies: 0
    Last Post: 08-11-2007, 04:29 PM
  2. Running DNS on cPanel behind NAT
    By Ripside in forum Hosting Software and Control Panels
    Replies: 2
    Last Post: 01-31-2005, 06:00 PM
  3. HELP! -- Firewall OK - NAT OK - DNS OK - Internal/NAT IP translation FAILED --
    By NetworkCloset in forum Hosting Security and Technology
    Replies: 4
    Last Post: 09-18-2004, 11:30 PM
  4. routers and network stuff!
    By wilhil in forum Dedicated Server
    Replies: 7
    Last Post: 08-08-2004, 10:09 AM
  5. SSH, DNS and routers
    By MikeM in forum Hosting Security and Technology
    Replies: 2
    Last Post: 06-26-2002, 09:43 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •