Implemented Disable NAT on the routers (i.e. TL-ER605 and TP-Link TL-ER7206)
Team,
Suggestion (assuming this is not possible within the current firmware):
Allow customers to operate the router without using NAT.
Meaning allow the device to behave as a special router with firewall capabilities that can be turned on and off as needed.
This prevents double-natting when behind an ISP router.
While maintaining the ACL-capbilities for enhanced network security.
What is your view here?
Cheers - Will
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Clive_A Looks like Unifi has beat TP-Link to the punch: https://www.youtube.com/watch?v=hSmrcHbl03U
- Copy Link
- Report Inappropriate Content
@Clive_A Thank you for updates. Would you know if this update will allow for dsabling NAT on a per-WAN interface basis, or will it be all NAT enabled or all NAT disabled, for all WAN interfaces?
Thank you,
Lee
- Copy Link
- Report Inappropriate Content
Hi @Lee21
Thanks for posting in our business forum.
Lee21 wrote
@Clive_A Thank you for updates. Would you know if this update will allow for dsabling NAT on a per-WAN interface basis, or will it be all NAT enabled or all NAT disabled, for all WAN interfaces?
Thank you,
Lee
No. I don't have this information. Based on what the forum asked, it did not specify whether this is going to be the per-WAN interface.
I assume it is a global disable for all WAN interfaces.
- Copy Link
- Report Inappropriate Content
FYI:
After weeks of testing/engineering I was able to resolve this by replacing the KPN/ISP router with a Fritz!box model.
Besides replacing the Omada router with a basic L3 switch/router (i.e. the Omada SG2218).
The blocking issue was static routes on the KPN/ISP router: this was not supported.
Hence the replacement with a Fritzbox, static route support and the KPN/ISP profile.
At this time the switch is default gateway for all vlans (with Pihole/DNSMASQ as DHCP/DNS server).
The Omada router is doing nothing... no double NAT (NAT-ing is only on the Fritz!box)... switching it off... at least for now... :-)
- Copy Link
- Report Inappropriate Content
@Clive_A Please confirm if the ability to disable NAT will be extended to the ER8411 running under a controller also. Thank you.
- Copy Link
- Report Inappropriate Content
@Clive_A will that be a feature for all routers? (Even the ER707-m2?)
- Copy Link
- Report Inappropriate Content
mainkowitsch wrote
@Clive_A will that be a feature for all routers? (Even the ER707-m2?)
As for now, I don't have a list of the routers about which will support this. But based on my point of view, this should be a universal feature to the mentioned devices and other models.
This is not a performacne-heavy feature which may not be available on some basic models. So, I think you can rest assured.
- Copy Link
- Report Inappropriate Content
- You mentioned "Some models have beta firmware but if your model is not listed, please wait for the V5.15. "
To be clear, V5.15, refers to the omdaSDN software version not the router ER605 firmware version correct? in which case which version of the ER605 firmware will support disabling NAT? - You also mentioned: "If you need the beta, you should contact the technical support for the file".
I was looking in the forum articles which list links to download beta versions and they 'didn't seem to mention V5.15 nor firmware versions for the ER605 which mention NAT-disabling. How can I contact technical support to get the file?
much apreciated,
FFSB
- Copy Link
- Report Inappropriate Content
Hi @ffsb
Thanks for posting in our business forum.
ffsb wrote
- You mentioned "Some models have beta firmware but if your model is not listed, please wait for the V5.15. "
To be clear, V5.15, refers to the omdaSDN software version not the router ER605 firmware version correct? in which case which version of the ER605 firmware will support disabling NAT?- You also mentioned: "If you need the beta, you should contact the technical support for the file".
I was looking in the forum articles which list links to download beta versions and they 'didn't seem to mention V5.15 nor firmware versions for the ER605 which mention NAT-disabling. How can I contact technical support to get the file?
much apreciated,
FFSB
We refer to the controller version as every firmware will adapt to a version of the controller. So, that's what it means. The release note will be specific about this when there is a major release.
Some major releases:
The forum does not provide private technical support. As this is a generic feature on available models, but the beta release is not ready for every model, and this is not gonna be proprietary to the ER605/ER7206, you need to confirm with the technical support team. Technical support team by phone or email has private tickets or conversations. Regarding if your model has a beta about this, you need to check it with the support team. If no, you gotta wait for the future firmware. Some models have an early beta for this.
About why:
Some beta versions are not made available to the public due to their specialized nature, as they are tailored to address specific issues on particular models. As such, they cannot be shared on the forum.
If a particular beta version becomes a standard feature in our product line, I will inform you through relevant threads, along with a disclaimer on when and what to expect it.
Please keep in mind that our team operates on schedules and priorities, and what may be important to you may not always be at the top of our list. Customized firmware, even for a single feature, is a priority that requires evaluation.
Our forum's Early Access and Pre-Release sections are reserved for major releases or significant improvements that adhere to internal requirements and protocols. Customized firmware for a single feature will not be shared on the forum.
It is important to understand that we have standard operating procedures in place for all our processes, some of which are confidential and cannot be shared. But you can rest assured if there is something for the public, I will create a new post for it. The responsibility of releasing firmware falls on the project manager and development team, not entirely on me. I cannot make calls on this but follow the instructions and rules from them and the guidelines. Thank you for your understanding.
- Copy Link
- Report Inappropriate Content
I see the 8411 with beta firmware, but i don't see a reference to this function on the release notes. Is it there or is this beta addressing other things and the 8411 still have to wait for 5.15 and the appropriate firmware?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 39
Views: 9227
Replies: 65