Hi @MaxxFR

MaxxFR wrote

Please  @Clive_A 

 

Can you transfer it to the internal dev team for evaluation ?

 

Thanks for your help

It's been sent and notified to the dev team. But I don't think it's gonna be a high-priority demand/request.

I know open source can do that because there is openwrt for ER605 already and I had a brief look at the features on it. It does support many features that we don't support, but that's the advantage of open source. There are always unconventional ways to use products and the different needs from people, but our baseline is still providing conventional products to meet the most basic uses of our 2B customers.

I have looked up what UBNT does, and I don't find it supports disabling NAT as well. And so far we plan to keep it as a router. And most other contract users don't have the requirement of disabling the NAT. Just a few people on the forum expect this, I am afraid that this feature will be delayed longer than any other requests. Or not considered. I am still checking with the dev about this.

If you have a double-NAT issue, turn the modem to bridge mode. Or set its NAT mode to full-cone mode. If your modem cannot be changed to bridge mode to fix double-NAT, you may also write a request to the manufacturer of the modem or seek help from the ISP to see if they can provide a firmware or command to turn the modem to bridge mode.

Hi @MaxxFR 

Thanks for posting in our business forum.

MaxxFR wrote

Thanks for your help and reply  @Clive_A

Hi

I understand but lot of ISP Router/Modem haven't a bridge mode to add cyber security service and decline their responsability in case of attacks. Router Manufacturer like TP Link don't have this problem because just sell hardware and that good.

 

Hope the dev team understanding that. 

 

Thanks

 

 

Hmmm. It's not convincing enough. At least to me. I have reported this to the dev anyway.

My perspective:

So, first, if the modem is a modem router, it has the most basic capability to mask your IP address. It processes the source IP and MAC addresses. It, in a way, can be thought of as a firewall. NAT basics.

If you are worried about the attacks, I believe the modem router can do it as well but not that all-around. It should at least have the capability to stop some attacks. But if you are referring to the real, and targeted attack, our routers cannot defend a heavy attack as well. There is a limit to the hardware and if you intend to have the top protection, it is always recommended to use a famous service like Cloudflare.

If your ISP provides the contract modem-router, it should be responsible for the attacks as they provide and "force"(imply) you to use their device. This happens in the other places of the world. ISPs should provide the most basic protection as they have already provided a capable router.

This requirement is only proposed by people who know about networking. If your ISP doesn't allow you to turn it into a modem bridge mode, then think about the reason why they don't allow it. They want you to use their router. So, this requirement seems to be contradictory if you offer insight from the perspective of a double-NAT.