Deco X50-5G (1.0) DDNS and two public adresses

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Deco X50-5G (1.0) DDNS and two public adresses

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Deco X50-5G (1.0) DDNS and two public adresses
Deco X50-5G (1.0) DDNS and two public adresses
2023-10-14 02:27:33 - last edited 2023-10-16 07:56:53
Model: Deco X50-5G  
Hardware Version: V1
Firmware Version: 1.1.0 Build 20230804 Rel. 3600

Hello,

 

I've been using this router for some time.

 

Use Case:

I set up and set up an OpenVPN server with a Raspberry pi. That worked so far. The idea was to use the DDNS service from TP-Link and port forwarding to connect me externally to the local network.

 

Router Settings: 

I activated the DDNS service from TP-Link in the router and it is also active. I also switched on port forwarding to the Raspberry Pi. As a profile I use the EPlus standard profile, as my provider I have O2.

 

Port Checking:

When checking whether the port can be reached externally, I noticed that it isn't and neither are all the other ports that I opened for testing, even though they are definitely reachable locally.

 

Now I noticed the following error:

When I go into the app I have the public address: 10.123.123.250
When I check my public address on the internet: 43.22.123.54
If I resolve the DDNS service to IP address: 43.22.123.54

 

That means I now have a problem. If I use the public IP address from the app, the ports are reachable. When I resolve to DDNS, I am given a different IP address and it somehow points to me but none of the ports are reachable. For me this means that the DDNS service is totally unnecessary because it gives me the wrong IP address. I don't understand why I even have two IP addresses. In the app and one when I use DDNS or browser to check. Can someone help me with how to turn two into one and then use DDNS?

  0      
  0      
#1
Options
1 Accepted Solution
Re:Deco X50-5G (1.0) DDNS and two public adresses-Solution
2023-10-14 11:12:16 - last edited 2023-10-16 07:56:53

  @rusms 

 

It sounds like your ISP / cell provider is running Carrier Grade NAT (CGNAT) that would explain your strange IPs

 

The Deco is picking up its IP from your ISP as 10.123.123.250 which is an internal (non public) IP address so therefore your ISP is running NAT.  This is very common for mobile providers to do this.

 

THe public IP address check is pointing you to 43.22.123.54 which is your ISP gateway IP before NAT is included, basically their firewall / gateway for want of a better word.  Once you pass that stage it will give you an internal 10.x.x.x address.   As the online testers stop at firewalls/gateways they are seeing your ISP device, not your X50 hence the issue.

 

To solve this, you need to speak to your ISP and either ask them to remove you from CGNAT, or add in the port forwards you require to route the traffic to your x50.   

 

 

 

UPDATE... just re-read your post and noticed its O2 you mention, so you are a fellow UK based person.   100% its CGNAT int that case, contact O2 and see if they can forward the ports you need, however from experience they are hit and miss on how helpful they will be about this. 

 

Ideally you need them to setup     incoming on 43.22.123.54  port xxxx forward to 10.123.123.250 then your Port forwards should work..

Recommended Solution
  1  
  1  
#2
Options
1 Reply
Re:Deco X50-5G (1.0) DDNS and two public adresses-Solution
2023-10-14 11:12:16 - last edited 2023-10-16 07:56:53

  @rusms 

 

It sounds like your ISP / cell provider is running Carrier Grade NAT (CGNAT) that would explain your strange IPs

 

The Deco is picking up its IP from your ISP as 10.123.123.250 which is an internal (non public) IP address so therefore your ISP is running NAT.  This is very common for mobile providers to do this.

 

THe public IP address check is pointing you to 43.22.123.54 which is your ISP gateway IP before NAT is included, basically their firewall / gateway for want of a better word.  Once you pass that stage it will give you an internal 10.x.x.x address.   As the online testers stop at firewalls/gateways they are seeing your ISP device, not your X50 hence the issue.

 

To solve this, you need to speak to your ISP and either ask them to remove you from CGNAT, or add in the port forwards you require to route the traffic to your x50.   

 

 

 

UPDATE... just re-read your post and noticed its O2 you mention, so you are a fellow UK based person.   100% its CGNAT int that case, contact O2 and see if they can forward the ports you need, however from experience they are hit and miss on how helpful they will be about this. 

 

Ideally you need them to setup     incoming on 43.22.123.54  port xxxx forward to 10.123.123.250 then your Port forwards should work..

Recommended Solution
  1  
  1  
#2
Options