Accessibility Resource Center Skip to main content
Get it fast with In-Store & Curbside Pickup or same day delivery.

G3100 and Hairpin NAT (NAT loopback)

SOLVED
Reply
jonsmirl1
Contributor
Contributor
Posts: 3
Registered: ‎01-11-2021

G3100 and Hairpin NAT (NAT loopback)

Message 1 of 5
(940 Views)

It is very annoying that the G3100 router does not have Hairpin NAT (NAT loopback) enabled. This is a common feature found on almost all routers including the G1100.

 

Hairpin NAT says that if I use the external IP to access the router from inside the LAN, then it should behave the same as if I had accessed the router from outside the LAN. That means apply the port forwarding and mapping to the request.

 

This is very annoying to me because I have an app on my phone that uses the external name for my network. This app works fine outside of the house. When I am inside the house the phone switches onto wifi. This causes the mobile app to stop working. Why? Because the mobile app is using the external name for the router and it is expecting port 443 to get forwarded. Since the G3100 does not have Hairpin NAT enabled the ports don't get forwarded and the app stops working.

 

This should not be happening. My mobile app should work the same whether it is external or internal to the network.  Please enable this feature on the G3100.

 

Reading around the forum I see other people experiencing similar issues without knowing what caused the problem.

 

Edit: I got my app working by moving to another port.  Reddit post clued me into Hairpin NAT works on ports besides 80/443 on G3100.

1 ACCEPTED SOLUTION

Accepted Solutions
jonsmirl1
Contributor
Contributor
Posts: 3
Registered: ‎01-11-2021

Re: G3100 and Hairpin NAT (NAT loopback)

Message 3 of 5
(918 Views)

I got my app working by moving to another port.  Reddit post clued me into Hairpin NAT works on ports besides 80/443 on G3100.  I was using 443.

 

I suspect Verizon using 443 for external router management which is why I can't change it.

 

Why is this important? Because SSL certificates have the domain name in them. And you want to use that domain name internally so that the app won't error out with a certificate error.

View solution in original post

4 REPLIES 4
Cang_Household
Gold Contributor IV Gold Contributor IV
Gold Contributor IV
Posts: 953
Registered: ‎09-06-2020

Re: G3100 and Hairpin NAT (NAT loopback)

Message 2 of 5
(917 Views)

While it would be nice for the G3100 to have this feature, but hairpin NAT is really kind of an unpopular protocol/feature.

 

The app/device responsible for sending an IP packet should determine whether the resource is on the same network or beyond the gateway. Always switch if you can, route is a secondary option.

 

What app are you using?

jonsmirl1
Contributor
Contributor
Posts: 3
Registered: ‎01-11-2021

Re: G3100 and Hairpin NAT (NAT loopback)

Message 3 of 5
(919 Views)

I got my app working by moving to another port.  Reddit post clued me into Hairpin NAT works on ports besides 80/443 on G3100.  I was using 443.

 

I suspect Verizon using 443 for external router management which is why I can't change it.

 

Why is this important? Because SSL certificates have the domain name in them. And you want to use that domain name internally so that the app won't error out with a certificate error.

View solution in original post

jonsmirl1
Contributor
Contributor
Posts: 3
Registered: ‎01-11-2021

Re: G3100 and Hairpin NAT (NAT loopback)

Message 4 of 5
(739 Views)

Update on this....

 

When terminating an Alexa Smarthome URL on your own sever, Alexa does not allow you to change the port off from 443.  So that means I had to figure out how to get the G3100 off from port 443. I finally figured out that router remote admin was enabled by default on port 443.  If you go into the remote admin section of the router you can change that port to something else like 444. Then when you use normal http to access the router, the router will redirect you to they new port number so you don't have to remember it.

 

Now the router is not using port 443. Go back into port forwarding and forward 443 to your internal server. It will work correctly. Before moving the remote admin port you could set the port forward but it would have no effect.

Cang_Household
Gold Contributor IV Gold Contributor IV
Gold Contributor IV
Posts: 953
Registered: ‎09-06-2020

Re: G3100 and Hairpin NAT (NAT loopback)

Message 5 of 5
(733 Views)

Several points to make here:

 


@jonsmirl1 wrote:

When terminating an Alexa Smarthome URL on your own sever, Alexa does not allow you to change the port off from 443. 


I am not sure what is "terminating an Alexa Smarthome URL on your own server."

 


@jonsmirl1 wrote:

I finally figured out that router remote admin was enabled by default on port 443.


Remote administration is disabled by default per safety precautions.

 

What you are looking for after all is only port forwarding? This is a different thing than NAT Hairpin.

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Have a spare Fios-G1100?Learn how to bridge it into your network
Get Started


Covid19

Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.