Set the Port field to 1321. Since a gateway is a router itself (plus a modem), youâll get a double NAT setup when connecting another router to it. I have not gotten Amplifi HD-Teleport to,pair successfully behind a UniFi USG router (double NAT). Back to Top. Nathan, You can add sub-interfaces with VLAN tags and reuse (re-tag) across interfaces, but the USG would still act as a layer 3 device. In the Remote Address field, enter the IP address allocated for the Northampton end of the point to point tunnel â in this case â 192.168.255.2. (Click Object, select Address, or if you are still on the NAT page, you can create the new object from the drop down menu at the top.) Turning off NAT is helpful if you have another gateway router or firewall and youâd like to see traffic streams per enduser device rather than just one NATed address. What is the big deal? So, it does NAT twice âDouble NATâ. Is it possible? Iâd end up in a double NAT situation unless I let AT&Tâs modem handle DHCP, firewall, port forwarding, etc. Navigate to the Firewall/NAT tab and add the Masquerade rule with eth0 (WAN) set as the Outbound Interface. If you see âDouble NAT detectedâ in your Xbox One network settings, try these steps to change or remove it. Need to make a site to site VPN with another site that has the USG on a public IP. To make NAT loopback work, youâll need to create a new Object of type Address. Do not delete the rules, because you will need them later again. If it is double-NAT behind a modem or ISP provided firewall, be sure to change the modem or firewalls internal IP range to something other than what you want your local network to be. The object name will be something like âWAN_IPâ, the Address Type will be Interface IP and the interface is wan1. Have a USG behind another router. Set your usg not to nat to avoid the double nat.. now just use your 192.168.1 as transit network. Just need the double NAT'd site to reach out, rather than be reached. GUI: Access the EdgeRouter Web UI. Double NAT is when you connect one router to another and let them both function as routers. Remember, the Northampton USG is behind NAT so this will need to be the real public WAN address of the router sat in front of the USG. 5.1 Deactivate the NAT for the Pi. In order to have the ports 80 and 443 free again for the USG, you need to deactivate the NAT for the Pi. Adding a Masquerade Rule. Double NAT is when you connect your router behind another router creating two different private ⦠You just have to setup a gateway in pfsense telling it to get to whatever your downstream networks are to send to the usg IP in our transit network 192.168.1.2 for example. 1. Go to Configuration > Network > NAT and find and deactivate the rules that are responsible for the NAT. Using Source NAT to translate the traffic from the UNMS server and LAN clients using the public IP address(es) on the WAN interface (eth0). Specifically, you have one NAT-enabled router running on top of another thatâs also NAT-enabled. Anyone know how to do this with the USG? Unfortunately the RG (thatâs what AT&T calls the modem) authenticates with the AT&T Fiber network with a special hard-coded certificate unique to each modem, so you canât just throw the RG into a bin and plug your USG directly into the fiber ONT. Double NAT. Not ideal! NAT (Network Address Translation) allows your devices to share a single WAN IP address (provided by your Internet Service Provider) by changing the public IP address to a private IP address.This process also secures your network by blocking any direct access to your local IP address. Plug the USG in and allow the WAN interface to receive a public internet IP address. Amplifi support tells me that Amplifi is designed to have a ⦠It's not a long term thing, but we need it until we switch ISPs.