PLEASE HELP! NAT issues with multiple pcs on one router.

[DrECK00]

Here is the ordeal. Multiple desktops connected to one ASUS as618p high speed router. One pc has can not connect to online activity due to nat restrictions. So far I have port forwarded, port triggered, dmz, upnp, static ip and automatic ip. Also have opened the nat for the secondary pc and been able to play on the my primary pc with a moderate nat yet been unable to play on my secondary with an open nat. I'm losing hair. So I don't know what else to do. Can I not have multiple computers playing COD on one ip? I'm not buying another connection. I already have 1 gig. Please flood me with ideas!

[Donut417]

16 minutes ago, DrECK00 said:

Here is the ordeal. Multiple desktops connected to one ASUS as618p high speed router. One pc has can not connect to online activity due to nat restrictions. So far I have port forwarded, port triggered, dmz, upnp, static ip and automatic ip. Also have opened the nat for the secondary pc and been able to play on the my primary pc with a moderate nat yet been unable to play on my secondary with an open nat. I'm losing hair. So I don't know what else to do. Can I not have multiple computers playing COD on one ip? I'm not buying another connection. I already have 1 gig. Please flood me with ideas!

You can only port forward ports for one machine at a time. So for instance if the software uses port 300, you can only port forward port 300 to one machine on your network. 

[ShadowForce]

I am not too familiar with COD's networking requirements, but generally you cannot forward the same port to more than one host on your local network. For example, if you setup port forwarding for WAN port 80; LAN port 8080; LAN IP 192.168.0.12; then your gateway/router will send all traffic that arrives from the internet on port 80 to your machine at 192.168.0.12 with the destination port swapped to 8080. One port, one host. DMZ is (pretty much) port forwarding for all ports to one host.

 

You might be better off with no configuration change on the router. Maybe try removing all port forwarding and leting the router's NAT figure it out for your hosts.

[dan24]

What these guys have said is true, you can't forward the same port to multiple local hosts.

 

If all of the above fails, (and depending on your networking skills) you could also ask your ISP for a large public subnet.  If you get a /29 (5 usable IPs) vs a common /30 (1 usable IP) and your router supports this, you should be able to configure your router/firewall to do 1:1 NAT on multiple public IPs to corresponding local hosts (eg public 198.51.34.2/29 is 1:1 NAT to local 192.168.10.2/24, .3 to .3 etc).  You would just need to open the corresponding ports (not forward) for each of these hosts on your WAN interface's firewall rules.

 

PSA - there are security risks every time you port forward or open ports to the internet.  These are not trivial.  If you know the source address (where this traffic is coming from), I would restrict access to those open ports from that address only.

 

pfSense is very intuitive and can handle these scenarios with a relatively shallow learning curve (pfsense.org).  Also, be aware that some ISPs (like mine) will not allow me to have a subnet larger than a /30.  I've had to setup a GRE tunnel to a local data center to get another public subnet routed to me (massive PITA).  If none of this makes sense to you, it might not be worth it unless you have an interest in learning about networking.

 

Cheers,

 

Dan