Strict NAT remains active despite port forwarding configuration.
Strict NAT remains active despite port forwarding configuration.
Initially, this setup is my home's wired configuration (to prevent confusion later). What’s important are the first two routers and my PC. The routers in use are a ZyXEL VMG1312-B10D and a ZTE ZXHN H168N. On my PC, I access Xbox Networking settings, which indicate Strict NAT. To resolve this, I attempted port forwarding. Despite that, the strict NAT remains. Then I decided to test whether the ports were actually open. I used some port testers, but they all reported the ports as closed. Even after downloading a free Port Forward utility from Network Utilities, the ports stayed shut. I double-checked my configuration: I created multiple entries for the WAN Interface on both routers, with 9 ports listed for forwarding and 36 total entries. Because of the dual router setup, I also mirrored the same settings on the ZTE, though it offered fewer options (18 instead of 36). I noted that connecting both routers to each other might complicate things. My ZYXEL had four WAN Interface choices and nine ports to forward, while the ZTE only provided two WAN options. I also suspected a misconfiguration—possibly labeling it as a "dumb extension"—and wondered if a quick refresher would clarify. I had a static local IP for my PC, which matched the Server IP used for port forwarding on both devices. Firewall was disabled on both routers (IPv4 and IPv6), and ZTE’s DMZ was set to Low. My PC’s local IP was entered on both routers. I tried Port Triggering feature on both devices, but nothing changed. I’m unsure about the ALG or any guidance I found online, though my ZYXEL had most of them enabled while the ZTE did not. My ISP contacted me for assistance, but their instructions were vague—they suggested a guide on their site that was confusing and didn’t fully explain the steps. They recommended bringing in a technician if needed. At this point, I have no clear path forward. TL;DR: I forwarded the ports they asked me to, but NAT remains strict. I’m hoping for some clarification or help to confirm my setup was correct.
Ensure all routers are connected properly. Check that your ZTE device operates in AP mode—disable NAT, firewall, and DHCP if needed. This adjustment might resolve the problem.
My device lacks a specific AP Mode setting, yet the Firewall Level remains at Low because it prevents full deactivation through Local Network > LAN > DHCP SERVER. I found a section labeled Port Control-DHCP, but its purpose isn’t clear. Regarding NAT, there’s no way to disable it. I haven’t encountered any mention of NAT in ZTE documentation or manuals I’ve reviewed.
You understand what’s happening. Since the cable from my ZYXEL to my ZTE is sufficient length, I switched off my ZTE and connected my PC straight to the ZYXEL. No changes observed... Still strict NAT in place, all ports remain closed. The second router isn’t the issue.
The second router might still create issues. Ports will only appear open when the necessary software is active. If the software runs but problems persist, configuration may be incorrect. The lack of standardization in port forwarding interfaces across manufacturers is part of the challenge. For instance, D Link once grouped port forwarding under a virtual servers menu. Could you share a screenshot of the settings you used?
I struggle to grasp why the second router would trigger an issue even after being disconnected and turned off. It's not just about manually checking ports—I also use Port Forwarding from Network Utilities, and when I attempted to test certain ports, they reported being unavailable due to conflicts or prior usage. I can share as many screenshots as needed (though I don’t want them to be too numerous).
Oh that's a good one. I've literally never hard of CG-NAT before,,, no matter how long I was searching for this problem.... And that may be it tbh. Because it say my IP 100.74.x.x but my actual IP is not that. I think I remember reading about people telling OP to buy an IP off of their ISP. Is that what I'll have to do too ? Like, How bad is CG-NAT? Like, currently there are certain games where I literally can not play online At All (I thought it was because "Teredo was unable to qualify"). Would That get fixed? Forgot to mention that on my router's page, where it says my IP is 100.74.x.x , it has a button to "Disconnect" which I can only assume it gives me a new IP, but I've refrained from pushing it yet. Edited November 21, 2022 by MainGoldDragon more info
What I mentioned might lead to problems if you try to reconnect everything. Since turning off the NAT and firewall could create complications, always double-check settings. I haven’t seen the translation port before. On my router it just requests private IP, port numbers, public port, and protocol. You won’t be able to forward ports unless your ISP supports it, which depends on their policies. They’re running out of IPv4 addresses, so many providers are moving toward IPv6. ISPs are using CGNAT as a temporary fix while they push IPv6 adoption slowly.
I understand. It seemed confusing because the second router didn’t change anything despite testing. When I enter the Start Port, it fills the same information into the Translation Start Port. The same happens with the End Port. My ZTE router behaves similarly but uses WAN Port Range and LAN Host Port Range instead. The second text box for LAN Host Port Range is locked, making it hard to type. There was a port I needed to open between 3000-3010 that required a range of 10 ports—probably related to that. Oh, my goodness. When I contacted them, they said they couldn’t help with port forwarding since they couldn’t access my router and only provided a website guide. I’ll likely call again later hoping for a better representative or a technician. Maybe it’s time to ask about CG-NAT next? My ISP contract ends in May, which is a long time, but that might be useful. I should probably look for an ISP that lets me keep my own IP address. We don’t have many options, but we do have a few.