I am hoping someone could help me with diagnosing my issue as stated in the title?
We have a 1:1 NAT setup for our customers antennas, we have a mixed bag of SMs on our network consisting of Cambium epmp 3k and 4k, 450b and Ubiquiti 5GHz AC. We set all Cambium radios to NAT, Router Mode for Ubiquiti and then we 1:1 with a Public IP. We have a few IP subnets from ARIN and had no issues with epmp 3k,4k and Ubiquiti. Now we are assigning some to the 450b SMs, that are in NAT mode, and the SM loses internet access when the 1:1 NAT is implemented.
Being a small local WISP, I am on this network and I made sure the IP I was using for the 450b was not the issue by assigning it to my 4525 and I had no issues.
Could anyone help? I can provide screenshots of the 450b configuration if needed. Thank you
More than one device?
Check the NAT table isn’t full, if it’s a heavy user this might be it.
We also have issues with Intel NICs sometimes and I believe it’s DHCP.
I am assuming by “NAT table isn’t full” that what is being referred to is the number of entries in the table that you can view under the web GUI via Logs-NAT Table. At one point I had similar symptoms with Cambium devices and their NAT table being full, which adjusting the limit helped push the problem off for a while. Yet, most the time seemd to indicate customer compromised devices, seeming to intentionally cause problems that often firmware updates of their devices and routers seemed to address better in the long run. I believe the default entry size for how many entries can be in the NAT table is 2048. The number of entries for the NAT table before it maxes out can be adjusted up to 8192 via Configuration-NAT under the NAT Protocol Parameters section via the Translation Table Size entry, along with other parameters. However, you should be concerned that client devices and processes may be intentionally targeting not just Cambium solutions but other NAT solutions to cause unnecessary problems, doing things like profiling how many entries are necessary to start causing problems, as even disabling NAT and pushing the problem off to many off-the-shelf routers will not cause these kinds of intentional causing problems to quit. However, it is also true that heavy use and many devices behind a router can more quickly fill up a NAT table.