The source IP address of NAT loopback's packet incorrect
Referring to article https://community.tp-link.com/en/home/stories/detail/1726
When a local computer is accessing a local server with router's external IP with port forwarding, the router's NAT loopback does not work with the scource IP address correctly. The source IP address in the NAT loopback packet should be the router's internal IP address but the router doesn't, the source IP address of the packet is still router's external IP address, which is not correct NAT loopback behaviour.
As in some network environment, for security concerns, external IP cannot access some servers/devices behind a internal firewall. Therefore when a computer which is physically connected to local network, but it still cannot access to those servers.
Hi, nice to see you again.
You are right that the story is partially correct. It only highlights how the Destination NAT (DNAT) rewrites the incoming packet's destination IP address to be the local server IP, and doesn't mention the Source NAT (SNAT) process, how the router must perform a second translation step to rewrite the source IP to be the LAN IP of the router.
The actual NAT Loopback process on Deco BE65*5G should include both. So if you ran into any issues with NAT Loop on the Deco BE65-5G_1.0.5, please update the firmware of Deco to the latest 1.1.0 first:
Deco BE65-5G(EU)_V1_1.1.0 Build 20250730
Thank you very much.
Best regards.
