Loopback an upper router's WAN IP?

[samqixin]

So here is the problem, my lab's global IP address is not signed directly to us.

Every time I want to access the local NAS via the WAN IP(you know why), the packet need to go to the upper NAT and come back.

 

Here is the simple topology:

******************

a.a.a.a (office router) b.b.b.b === b.b.b.2 (THE upper NAT) c.c.c.c === the world

******************

I have no idea how our ISP configures b.b.b.2 and c.c.c.c, I guess DMZ to our b.b.b.b?

 

HOW can I loopback c.c.c.c within our office router? 

I'm using pfsense as the router OS.

[mynameisjuan]

Its called haripinning and needs to be configured on the device handling NAT. 

 

I appears you do not have control of that device?

[samqixin]

1 hour ago, mynameisjuan said:

Its called haripinning and needs to be configured on the device handling NAT. 

 

I appears you do not have control of that device?

I do not have control to the upper level NAT device. But I do control the office LAN, which means the local NAT device.(pfsense)

I understand that routers loopback its WAN IP by default. But here I want to loopback the upper level NAT's WAN IP in the local NAT.

[mynameisjuan]

9 hours ago, samqixin said:

I do not have control to the upper level NAT device. But I do control the office LAN, which means the local NAT device.(pfsense)

I understand that routers loopback its WAN IP by default. But here I want to loopback the upper level NAT's WAN IP in the local NAT.

It is not enabled by default on a majority of platforms. No clue about pfsense.

 

Again, nothing you can do unless you have access to the upstream device

[BSpendlove]

You won't need access to the upstream device. You'd simply create a destination NAT rule, if pfSense sees traffic going to c.c.c.c then translate to nas ip address. This method is still considered as hairpinning or Nat loopback, depending on the vendor or whatever you want to call it

 

Create a Nat rule and set the interface to your inside/lan interface, fill out source and destination networks and then use the redirect target ip for the NAS internal ip address. 

[mtz_federico]

from what I understand this could help you

https://docs.netgate.com/pfsense/en/latest/nat/accessing-port-forwards-from-local-networks.html

[mynameisjuan]

8 hours ago, BSpendlove said:

 

You won't need access to the upstream device. You'd simply create a destination NAT rule, if pfSense sees traffic going to c.c.c.c then translate to nas ip address. This method is still considered as hairpinning or Nat loopback, depending on the vendor or whatever you want to call it

 

 

If all he’s trying to do is really reach the nas, why even nat. Just go to the private IP

[samqixin]

8 hours ago, BSpendlove said:

You won't need access to the upstream device. You'd simply create a destination NAT rule, if pfSense sees traffic going to c.c.c.c then translate to nas ip address. This method is still considered as hairpinning or Nat loopback, depending on the vendor or whatever you want to call it

 

Create a Nat rule and set the interface to your inside/lan interface, fill out source and destination networks and then use the redirect target ip for the NAS internal ip address. 

Thank you, this is the idea I was thinking about and not been able to solve.

[samqixin]

30 minutes ago, mynameisjuan said:

If all he’s trying to do is really reach the nas, why even nat. Just go to the private IP

Thanks. 

But you know, office buddies sometimes don't really tell the difference between private IP and public IP, and I just want to save some bandwidth when they try to download some big files from the NAS webUI via public IP. LOL

[samqixin]

5 hours ago, mtz_federico said:

from what I understand this could help you

https://docs.netgate.com/pfsense/en/latest/nat/accessing-port-forwards-from-local-networks.html

Thanks a lot! I'll try to understand this page. Oh boy pfsense, right? LOL