Connect to Unraid using a Double NAT setup.
Connect to Unraid using a Double NAT setup.
At our institution we use a primary school network. A router links to the main network for our initial control booth, allowing us more management and separation. Another control booth shares the same setup (with a different router model). In the first booth we host an Unraid server. We aim to reach the Unraid server from the second booth. I’ve already configured port forwarding on the first booth so users can connect Unraid to the main network, but integrating that into the second booth is unclear. We also have a Nextcloud setup with remote access outside the school network, though it’s slower than local connections. Eventually these two networks will merge into a single large network connected to the main school network. Below is a simple diagram illustrating the current layout if I wasn’t clear.
I doubt my response, but NAT settings might be what you need. On the primary network router, you configured a rule to send traffic to a fake IP address to the Unraid server. I’m not sure if you have just one router or two separate ones—if they’re distinct, you’d likely still use NAT rules with port forwarding on the first router. The last resort is bridging, which would connect all networks together.
It's important to recognize I lack full network privileges. Each control booth has exclusive admin rights.
Consider this setup incorrect since routing another router through NAT to the main network only isolates broadcasts—not true separation. Unless explicitly configured to NAT solely to the primary router, the device won’t truly keep traffic distinct. By default, routers assign NAT to any destination on the WAN side, which in this case covers the entire LAN range. The proper approach is to let the main router manage all networks, ensuring centralized control and eliminating double-NAT. Traffic must remain fully isolated, with no NAT rules permitting LAN-to-LAN communication. This issue intensifies when using unraid; if NAT is required, the router must handle all traffic destined for the server, potentially overwhelming it if not Gigabit-capable. Even then, unavoidably, traffic intended for LAN will compete for CPU cycles and bandwidth with internet use, reducing performance. If the setup aligns with my earlier explanation, simply implementing VLANs in unraid would allow communication between both LANs without conflict.
We maintain separation to assign our own static IP addresses and restrict device access to specific individuals within our isolated networks. Our connection to the main school network exists solely for internet access.
The primary school network seems to operate at 10Gb speeds, while other networks run at 1Gb only. It’s okay if this causes some load on the router; it’s just a short-term fix until we can connect everything into a single network for the control booths. I have a solid grasp of networking basics, but I’m not very familiar with NAT.
In short, it should function, likely already doing so if you're using Windows file sharing. You'd need to provide the server's IP address instead of its name, since the latter is usually managed through broadcasts that the second router is preventing. The main concern is bandwidth; if the router can't NAT at Gigabit speeds, a file transfer could block internet access and cause lag or stutter in transfers. Since latency to the NAS is significantly lower than to the Internet, it will typically be prioritized over web traffic.
Yes, you can link to the device by entering its IP address on the second control booth network. It runs on a separate subnet from Unraid’s main school network, which uses 10.20.xx.xx versus 192.168.1.xx. Connecting via SMB allows access through that setup.
Typically yes, SMB functions by typing \\10.20.xx.xx into the explorer, with the correct numbers for your unraid server. If the share names are public, it displays the list of shares; otherwise, you may need to manually add a specific share name at the end.