If you’re on Community Fibre broadband, you might have come across a common issue known as CGNAT (Carrier-Grade Network Address Translation). While CGNAT is useful for internet service providers (ISPs) to conserve IP addresses, it can create problems for users, especially when it comes to tasks like hosting a server or accessing certain devices remotely.
In this blog, we’ll explore what CGNAT is, why it’s used, and how to get around it on Community Fibre broadband. We’ll also look at a practical use case for managing multiple devices behind a CGNAT.
What is CGNAT?
Simply put, CGNAT is a technology that allows ISPs to assign the same public IP address to multiple customers, helping them manage the limited number of IPv4 addresses. Instead of giving each user a unique public IP, CGNAT uses private IP addresses inside a larger network and translates them to a shared public IP when traffic leaves the ISP’s network.
While this works well for basic internet activities like browsing or streaming, it causes issues for users who need a direct connection to their devices from outside their network. This includes anyone trying to:
- Host a game server or website from home.
- Use remote desktop software to access devices.
- Set up smart home systems that need remote access (e.g., CCTV cameras, IoT devices).
- Use peer-to-peer (P2P) applications, such as VoIP services.
The CGNAT Issue on Multiple Devices
For users with multiple devices or servers that require external access (like those managing media servers or working remotely), CGNAT can be especially frustrating. Let’s say you have two media servers running in your home: one to stream movies and another for music. Without a direct public IP, these servers become inaccessible from outside your local network, as CGNAT assigns a shared IP to all devices connected through your broadband.
This leads to problems like:
- Port forwarding doesn’t work: CGNAT blocks incoming connections because multiple users are sharing the same IP.
- Dynamic DNS services fail: Many users rely on Dynamic DNS to keep track of their IP address for remote access. However, with CGNAT, this is ineffective as the shared IP keeps changing, and the ISP controls the public IP, not you.
How to Get Around CGNAT on Community Fibre Broadband
While CGNAT may seem like a dead end, there are several ways to get around it if you need direct access to your home network. Let’s break down some of the solutions.
1. Request a Static IP from Your ISP
The simplest solution is to contact Community Fibre and ask for a dedicated IP address. Many ISPs, including Community Fibre, offer static IPs for an additional fee. A dedicated IP gives you a unique, permanent public IP address that get around CGNAT, allowing you to use services like port forwarding, remote access, and Dynamic DNS without any restrictions.
- Reliable and easy to set up.
- Solves most CGNAT-related issues.
2. Use a VPN with Port Forwarding
A VPN (Virtual Private Network) can also be used to get around CGNAT. Certain VPN providers like PureVPN offer port forwarding features, which allow you to create a direct tunnel from your device to the external network, essentially providing you with a public IP address for your home devices.
By setting up the VPN on a device, such as a router or a computer that acts as a gateway, you can route your home traffic through the VPN and gain access to your devices remotely.
- Doesn’t require any changes from the ISP.
- Added security and privacy from the VPN.
3. Use a VPS as a Middleman
For more advanced users, a VPS (Virtual Private Server) can act as a middleman. This method involves renting a VPS from a cloud provider like DigitalOcean, AWS, or Linode, which comes with its own public IP. You then create a secure tunnel (like SSH or a VPN) between your home network and the VPS.
With this setup, external devices communicate with your VPS, which forwards the traffic to your home network through the tunnel.
- Highly customizable.
- Can handle multiple services or devices without relying on your ISP.
4. IPv6 Adoption
If available, IPv6 could be a long-term solution, as it eliminates the need for CGNAT by providing enough IP addresses for every device. Unfortunately, adoption is still in progress, and not all ISPs or websites fully support IPv6 yet.
However, if your devices and Community Fibre broadband support IPv6, you can use it to get around the limitations imposed by CGNAT. Check with Community Fibre for IPv6 compatibility and support.
- Future-proof solution.
- No need for workarounds like VPN or static IP.
What Community Fibre Claims About CGNAT & Port Forwarding
Here is the verdict of Community Fibre regarding CGNAT & port forwarding:
“For all our home broadband services below 3000Mbps speed we use Carrier Grade Nat (CGN) technology to make efficient use of IPv4 addresses. Port forwarding is not possible through CGN and there are a tiny number of specialist use cases that might require this, typically to enable a direct connection from outside your home LAN to a service that you are running on it. If you want to make use of port forwarding then you will need to purchase or upgrade to our 3000Mbps or 3000Mbps Premium home broadband services or any of our business broadband services.“
Source: CommunityFibre
How to Check if Community Fibre Broadband Uses CGNAT
To determine if your Community Fibre connection is under CGNAT, you can use any of the following methods:
Method 1: Check the Router’s WAN IP Address
- Open a web browser and enter your router’s IP address into the address bar.
- Enter your username and password to access the dashboard.
- Navigate to the status screen on the dashboard.
- Find the section labeled as ‘WAN IP’ or a similar term, which might vary based on the router model.
- Examine the IP address assigned to the router’s WAN interface.
- If this IP address falls within the range of 100.64.0.1 to 100.127.255.254, your connection is likely behind CGNAT. This IP range is designated for CGNAT usage.
Method 2: Compare WAN IP and Public IP Address
- Follow the steps from Method 1 to find and note down the WAN IP address from your router’s dashboard.
- Open a new tab in your web browser
- Search for “what is my IP address” and press Enter.
- Remember the public IP address displayed by the search results.
- If the WAN IP and the public IP address are different, it indicates that your ISP is using CGNAT.
- If they match, your connection likely has a direct public IP address, meaning it is not behind CGNAT.
Related Guide: How to Check if your ISPs perform CGNAT
How to Get Around CGNAT with PureVPN
CGNAT (Carrier-Grade NAT) can cause issues with certain online activities like gaming, hosting a server, or accessing your home network remotely. PureVPN offers a way to avoid CGNAT by providing you with a secure and direct connection to the internet using a public IP address.
Here’s how to get around CGNAT with PureVPN:
1. Sign Up for PureVPN
First, you need to sign up for a PureVPN account. We offer various subscription plans, so choose the one that suits your needs.
2. Download/Install PureVPN
PureVPN is available on multiple platforms including Windows, Mac, Android, iOS, and routers. Download and install the app or configure PureVPN on your Community Fibre or any other router.
3. Log In to PureVPN
Once installed, log in with the credentials you created during the signup process.
4. Connect to a Server
Open the PureVPN app and select a server from a location of your choice. PureVPN will route your traffic through this server, which has a public IP address. This effectively avoid CGNAT, as your connection will no longer rely on the shared IP address provided by your ISP.
5. Enable Port Forwarding (Optional)
If you need to host servers or access devices remotely, PureVPN also offers port forwarding. You can enable this feature directly in your PureVPN account settings. This helps you manage specific ports for gaming, torrenting, or running applications that require direct access.
6. Verify Your Connection
After connecting to a PureVPN server, verify that you’re no longer behind CGNAT. You can use online tools to check your IP address and confirm that it’s a public IP.
Related Read: Port Forwarding on a dedicated router
Benefits of Using PureVPN to Avoid CGNAT
- Improved online gaming: Reduce lag and connect to servers directly.
- Remote access: Easily access your home network or devices from anywhere.
- Enhanced privacy: PureVPN encrypts your connection, offering additional security.
By following these steps, you can avoid CGNAT using PureVPN and enjoy a more direct, unrestricted internet experience.
Conclusion
CGNAT is a practical solution for ISPs like Community Fibre to manage their IP resources, but it can be a hassle for users who need direct access to their home network. Fortunately, there are several ways to work around this limitation, from requesting a static IP to using VPNs or VPS solutions.
By understanding your needs and the technical capabilities of your network, you can choose the best option to get around CGNAT and enjoy uninterrupted access to your devices and services.