Hi Jonathan, THanks for the info. I was going to try bridge mode and have the gateway handout the DHCP addresses, but of course this means I loose my DHCP reservations. That isn't a big deal really and I could probably set the lease time to something really long if it were necessary. As long as I don't loose the ability to control things via mac address, this might solve all the problems. Of course I screwed myself by accident by turning off the DHCP server on the gateway and forgot to fix the AirPort and had to call COmcast to have them fix the mistake. :) Yep, really should not muck about with these things when tired and to busy to focus on more than 10 things at once. :)
Scott On Jul 15, 2011, at 10:19 AM, Jon Cohn wrote: > Scott, > > I would suggest using the bridge mode on the Apple routers. Generally only > tunnelling will cause you issues, but any VPN will probably use tunneling. > You should still be able to block MAC addresses in one of the manual airport > controls even with DHCP turned off. > > My problem with NAT is that the router needs to keep a mapping of all traffic > and on a busy network it will eventually decide to drop that mapping. So if > you are double natting then you are going to have twice the chance that a > long not very active session will get dropped by one of your routers. > > As > > Jonathan > > On Jul 10, 2011, at 6:06 PM, Scott Howell wrote: > >> All, >> >> Here is the situation. I recently switched to Comcast business class. I was >> provided with a SMC Network cable modem. THis box is actually a switch >> consisting of four ports. Currently I have my AirPort router plugged into >> the SMC and thus I have a double nat situation. THe SMC is configured to >> handout DHCP addresses, which is how my AirPort gets its address, but I also >> am handing out addresses using DHCP to the devices on my private network. I >> actually am using DHCP reservations and for a specific reason. >> I have setup mac address filtering to control certain machines on the >> network. Unfortunately the SMC lacks some of the features for controlling >> machines that are found in the Apple router. However, this double nat >> situation can and has created some issues for me. I could of course just >> bridge the AirPort and give up the whole deal on controlling machines on the >> network. That may very well end up being necessary in the end; however, >> before I do so, I wanted to ask if anyone had any thoughts. I did a little >> searching around on Google, but unfortunately I'm not sure exactly what to >> look for either. I don't think Google would take my message as a search term >> either. :) >> Although I do not have any plans to do this, the advantage of double nat in >> this case is I could strap three more routers onto the gateway (SMC) and >> have some fun. Now maybe there is a way around all of this, but seems the >> current issue is IP6 tunneling, but I am more concerned if this could pose >> problems with other services. So, thoughts welcome and I'll keep poking >> around and see what I can learn. The good thing is that all seems to be >> working for the most part, so this is not a critical need situation. Just >> need to make sure I can vpn into the network at the office. :) >> >> Thanks, >> Scott >> >> -- >> You received this message because you are subscribed to the Google Groups >> "MacVisionaries" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/macvisionaries?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "MacVisionaries" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/macvisionaries?hl=en. > -- You received this message because you are subscribed to the Google Groups "MacVisionaries" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/macvisionaries?hl=en.
