Google WiFI port forwarding Double NAT

Anyone else running port forwarding on Google wifi successfully?

I have problem where I can’t seem to get port forwarding working on my Google Wifi.

I have VDSL internet which comes through the phone line so a VDSL2+ modem is needed which causes a double NAT.

I have supposedly not got a double NAT now I have put my Modem in ‘bridge mode’ and turned of the DHCP on the modem. Which from what read all traffic goes directly to Google wifi and passes through it’s NAT.

But for some reason even through I have setup port forwarding for port 443 I am still unable to see my Hassio.

I also installed Simple Port Tester (by PCWin tech) on my computer forwarded port 565 and run a test and that still failed. In my head I see the Google Wifi as the problem still.

I do that, forwarded multiple ports to my internal network.

Do you have fibre or adsl or vdsl?

I think fibre connections don’t have modem up front with nat and dhcp which makes things more simple, but adsl and vdsl do need modem which is where things get a little more problematic.


My flow is:

WAN -> Modem/router(ISP provided) -> Google Wifi -> Server.

I have first forwarded my ports from the ISP router to the Google Wifi, then from google wifi to my servers.

1 Like

You still have double NAT, but if that works I am all in.

Have to disconnect and wait 30mins for my ISPs DHCP to release the google wifi MAC address but will update once I am back.

That is correct, but the ports I have forwarded have “direct” access.

Back online. Still no joy.

Port forwarded 443 to which is google wifi address on the tp-link router. The on google wifi port forwarded 443 which is hassio.

I even put into the DMZ which is supposed to completely open up the ports to google wifi and not joy.

I also tried test again with Simple Port Tester on my PC with random port 565 and no joy.

Tomorrow I am going to use a different modem and see if that makes any change. But I guess before I do that I should have done along time ago is move hassio onto first modem and see if it works up there instead of messing around behind google WiFi and blaming double Nat.

I have set the following up but as yet have not tested , because i need to setup SSL again

DuckNS --> port 443 to ISP router port 443 to Port 9443 on Google wifi >>. forward 9443 to docker container , Within Docker container 9443 to 443 …

1 Like

Today I got 2nd router factory reset it, put hassio directly to vdsl modems lan port and put in port forwarding rule for 443 and also a second rule to forward a random port (565) to my computer so I could run test.

Both ports still closed ;c( I have opened a ticket with MyRepublic (my ISP) with screenshots and bullet pointed list of what I have done and suggesting that it would appear they are blocking my ports.

I did read very short article in their help notes on their website which touched on that “they don’t block ports” and if someone wants to do port forwarding they can contact them to get a static IP.

I wager a fiver that means all ports are blocked unless you rent a static IP off them.

Will wait to hear back from them.

Rather than wait for a my ISP to reply and then play email tennis I switched providers, which has been on my to do list for 6 months as they don’t have local servers in my state/county which can’t be good for latency, I was surprised that it only took 24hours from filling out the application online to churn.

I updated my WAN settings on the TP-Link and no sooner had my internet come on I refreshed my hassio duckdns address on my mobile phone and it works.

So my previous provider was blocking ports, despite the FAQ help article on their site saying they don’t block ANY ports!

My setup is

  1. Reserved IP on my TP-link modem for google Wifi so it doesn’t jump.
  2. Port forward 443 on TP-link to google wifi so traffic coming in from the WAN wanting 443 get ushered off to google wifi.
  3. On google wifi created port forward 443 to my RasberryPI

This probably means that I might be able to put my TP-link back in Bridge Mode if I wanted too, which will cut out the double NAT.

as added bonus my VDSL2+ line speed has gone from 38mbps to 48mbps.

so who is the new ISP then ?

Just as a side note: i tested out the remote access in 0.90 , worked great and fixed my issues with port 443

1 Like

MyRepublic > TPG

The reason I went with MR originally was they had 100Mbps plans for $69.99AUD.

But it wasn’t documented at the time that during the first 18months of phone exchanges going live with NBN in Aus all connections were throttled to 50mbps because ADSL2+ connections that were still active on the exchange interfered with the with the higher bandwidth NBN speeds.

So the 100Mbps plan was pointless. Our exchange will be switching off ADSL2+ for good in July, 100Mbps plans have all gone up in price since I don’t need the extra speed so I just signed up with a 50Mbps tiered plan and went with TPG because of network infrastructure and pricing.

Im having the same problem with telstra , free 100mg boost on the 50meg plan , but can only get 42 meg while being 200 m from the node … coexistence they said . will end in 18 months after your area goes live … its now 2 1/2 years

Does that mean ADSL hasn’t been switched off at your exchange? (write to the communications ombudsman and complain help bump up the stats against NBNco).

I read long article that the government commissioned to investigate speeds and issues with NBN co-existence as its a big hurdle. It’s not just ADSL, if you have businesses, hospitals… on your exchange using different technologies it plays havoc with cross interference at higher speeds it was only low too I think 80Mbps so pushing 100Mbps is going to big challenge certainly if you have more than a handful of people on plans exceeding 50Mpbs.

On ADSL each provider had their own equipment in the exchange doing their own thing on their customers lines. The document was saying it is no longer possible for this behaviour as signals/waveforms on each line must be carefully controlled in order to obtain maximum throughput for each line so now it is going to be only the NBN equipment in the exchange.

Also another thing I found out is you aren’t necessary connected to the nearest node.