
Turn off NAT on Telus D-Link DVA-G3810?

March 7, 2011 4:37:21 AM

How to make a smart modem really dumb? That's what I'm trying to figure out. Telus (Canada) provided the D-Link DVA-G3810 when we upgraded to Hi-speed web with IPTV. This box has the IPTV co-ax out, so I can't just plug in my old DSL modem. But the problem is that this thing (the 3810) seems over-engineered (or over-programmed).

PROBLEM: I can't get enough exposure outside of the network for my devices for remote access. Primary issue is I can't use the (previously dead-simple when I only had a DSL modem) Back to My Mac service that Apple gives with a mobileme account. (Basically provides one-click access from anywhere else to your home computer for file-sharing and surprisingly fast screen-sharing).

CAUSE: D-Link DVA G3810 seems to have too many bells & whistles. I think it's forcing my connected devices inside the network to use NAT, and there's no way to turn it off.

SETUP: The D-link (I turned it off as a wireless device) provides signal via cat5 to a Time Capsule. This is my wireless N hub. iMac takes an ethernet connection from the TC, everything else accesses the TC wirelessly (wii, iphones, apple tv, xbox through a modified linksys router as bridge).

SO FAR: Have been able to expose the iMac via DMZ settings on the Dlink (and this only works with the TC in bridge mode). However, that still didn't give me external access to the iMac through Apple's aforementioned Back to My Mac service, although strangely, the Time Capsule does show up as a shared mobileme drive remotely (it has mobileme creds in its admin tool as well).

I do have VNC access working to get to the iMac for screen-sharing (painfully slow) and SFTP for file access (decent speeds). Nonetheless, I'd like to figure this out. I have to set the TC to Bridge mode, though I'd prefer to distribute static IPs (but it does not seem to like that at all).

Does anyone have a similar setup? Anyone know how to disable NAT (and other "smart" functions on this DLink device and make it simply a modem with internet and IPTV (coax) outputs)? Any recommendations on how I could modify the setup to get best performance for:
- remote VNC access (if I could get this running usable speed I would readily cancel the mobileme service!)
- remote SFTP access
- local network print sharing
- torrent downloads on the wired iMac
- Xbox and Wii gaming wirelessly
- Apple TV streaming via youtube and netflix, also wireless

Once I figure it all out I'll publish the findings... if I figure it all out!
March 7, 2011 12:23:34 PM

First off, I'm not familiar w/ the D-Link DVA G3810. But I'm sure it's like most other combo modem+router devices. What you typically do is enable bridge mode on the D-Link (in this case) so it's demoted to only a modem. The public IP should then be passed to your own router.

[dva-g3810 (bridge mode)](lan)<-- wire -->(wan)[time capsule]

Overall, it’s not a particularly complex or troublesome configuration. One complication might be who does the PPPoE signon, the modem or your router. But once you figure that out, it’s pretty much like any other modem and you configure your router as usual.

That said, if you’re having problems, you can usually work around bridge mode and simply chain the dva-g3810 to the TC, LAN to WAN. Of course, this creates a double NAT situation. Not usually a problem for outbound traffic, but can be problematic for inbound traffic (e.g., remote desktop).

Now I noticed you mentioned placing your iMac in the DMZ of the D-Link, but then mentioned having to place the TC in bridge mode. The reason you needed to place the TC in bridge mode is because placing the iMac in the DMZ did not disable the double NAT! So you placed the TC in bridge mode, which DID disable the double NAT. Problem is, you need the D-Link’s NAT disabled, not the TC.

The correct procedure is to place the IP assigned to the WAN of the TC, in the DMZ of the DVA-G3810. That effectively disables the NAT/firewall of the DVA-G3810, and all traffic is redirected to the TC (which is still in router mode). And now ANY devices behind the TC only have a single NAT/firewall to deal with.

A couple of other points (which you may or may not be aware of). Make sure the DVA-G3810 and TC are using different subnets. So if the DVA-G3810 is using say, 192.168.1.x, maybe make the TC 192.168.2.x. Also, since the TC’s WAN IP will now be permanently in the DMZ of the DVA-G3810, you don’t want that IP to change. So either use a static IP configuration for the TC’s WAN IP, or else reserve that IP in the DVA-G3810 for the TC. In the end, they accomplish the same thing, you just want to make sure it doesn’t change.

Example:

DVA-G3810
Router Mode
Subnet - 192.168.1.x
IP – 192.168.1.1
DMZ – 192.168.1.2 (must match WAN IP of TC)

TC
Router Mode
Subnet – 192.168.2.x
IP – 192.168.2.1
WAN IP – 192.168.1.2 (should be fixed/static from DVA-G3810 subnet)
March 8, 2011 10:07:45 PM

Thanks for this - will give it a try. I don't think the Dlink will go to Bridge mode (I think they disabled that feature as it will mess up the IPTV service it also provides via coax). So without being able to disable NAT on the DLink, I will have to place the TC in the DMZ.

Can I ask why the TC and DLink need to be in different subnets? I'm thinking if I just place the TC in the DMZ (rather than the iMac), that will do the trick as it currently stands (and thus avoid having to tweak any other IP address dependencies in connected devices).

Thoughts?
March 8, 2011 10:47:16 PM

Any time you have two adjacent networks, you need to use different subnets. Just think about it from a common sense point of view.

<subnet 192.168.1.x>(wan)[router](lan)<subnet 192.168.1.x>

When IP address 192.168.1.100 is specified behind the router (lan), should that IP address be searched within the network behind the router, or routed over the router (wan) to the other subnet? It’s impossible to say, it’s ambiguous. Either way, from wan to lan, lan to wan, the other subnet effectively becomes unreachable.

Trust me, just don’t do it. You may get away w/ it for a while, but sooner or later you’re gonna need clear and unambiguous routing between the subnets. And when something suddenly doesn’t work as expected, you’ll come to realize the problem.

The easiest solution is to change the subnet used by the DVA-G3810 since it only involves two IPs, the DVA-G3810 itself and the IP assigned to the WAN of the TC.
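Added example (not part of the thread): a Python check of the chained modem-to-router layout from the replies above, covering both the DMZ/WAN IP pairing and the subnet ambiguity. It assumes "192.168.1.x" means a /24; the function names and the BAD plan's addresses are constructed for illustration.

```python
import ipaddress

def check_chain(modem_lan, modem_ip, dmz_host, router_wan_ip, router_lan):
    """Return the problems in a modem -> router (LAN-to-WAN) chain, [] if none."""
    up = ipaddress.ip_network(modem_lan)      # subnet served by the modem
    down = ipaddress.ip_network(router_lan)   # subnet served by the inner router
    wan = ipaddress.ip_address(router_wan_ip)
    problems = []
    if up.overlaps(down):
        problems.append("subnet-overlap")
    if wan not in up:
        problems.append("wan-ip-outside-modem-subnet")
    if wan == ipaddress.ip_address(modem_ip):
        problems.append("wan-ip-collides-with-modem")
    if ipaddress.ip_address(dmz_host) != wan:
        problems.append("dmz-not-pointing-at-router-wan")
    return problems

def matching_interfaces(dest, router_wan_net, router_lan_net):
    """Inner-router interfaces whose directly connected subnet contains dest."""
    d = ipaddress.ip_address(dest)
    nets = {"wan": router_wan_net, "lan": router_lan_net}
    return sorted(n for n, net in nets.items() if d in ipaddress.ip_network(net))

# Layout from the reply's example.
GOOD = dict(modem_lan="192.168.1.0/24", modem_ip="192.168.1.1",
            dmz_host="192.168.1.2", router_wan_ip="192.168.1.2",
            router_lan="192.168.2.0/24")
# Constructed counter-example: same subnet on both sides, DMZ aimed at a
# hypothetical iMac address instead of the router's WAN IP.
BAD = dict(GOOD, router_lan="192.168.1.0/24", dmz_host="192.168.1.50")

if __name__ == "__main__":
    for name, plan in (("good", GOOD), ("bad", BAD)):
        print(name, check_chain(**plan))
        # Two matches for one destination is the ambiguity described above.
        print("  192.168.1.100 matches:", matching_interfaces(
            "192.168.1.100", plan["modem_lan"], plan["router_lan"]))
```

With the DMZ pointed at the inner router's WAN IP, all unsolicited inbound traffic lands on that router, so its firewall and port mappings are the only filter in front of the LAN.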