On 18/10/2016 10:33 PM, lleachii--- via 44Net wrote:
> NATed hosts must be connection tracked for outbound (which is why his
> node can be reached by the remote after he initiates pings). "DMZ"
> settings usually apply only to TCP and UDP (in most consumer devices,
> at least). This is also further indication that our common
> recommendation on this list for operators to place their AMPRGW in the
> DMZ may not be a risk necessary to take. I should note, I've NEVER
> been able to use a router with AMPRNet by simply enabling the "DMZ
> feature" on a consumer device. We may need to compile a list of
> makes/models where the DMZ feature works with IPENCAP.

My FritzBox 7270 seems to pass inbound IPENCAP packets fine using the
DMZ function. I can certainly get access from outside, and I've never
seen any of these intermittent issues.
--
73 de Tony VK3JED/VK3IRL
http://vkradio.com
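
Added example, not part of the original messages: a small parser for checking captured packets against the point discussed above, that IPENCAP is its own IP protocol (number 4) rather than TCP or UDP. The addresses, the `build_ipv4` helper and the `passes_tcp_udp_only_dmz` flag are constructed for illustration; the flag only models a hypothetical DMZ that forwards nothing but TCP and UDP.

```python
import socket
import struct

IPPROTO_IPENCAP = 4  # IP-in-IP encapsulation, carried directly over IP
NAMES = {1: "ICMP", 4: "IPENCAP", 6: "TCP", 17: "UDP"}


def parse_ipv4(pkt):
    """Return (protocol, src, dst, payload) for a raw IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    src = socket.inet_ntoa(pkt[12:16])
    dst = socket.inet_ntoa(pkt[16:20])
    return pkt[9], src, dst, pkt[ihl:]


def describe(pkt):
    """Summarise a packet; for IPENCAP also decode the tunnelled header."""
    proto, src, dst, payload = parse_ipv4(pkt)
    info = {
        "proto": NAMES.get(proto, str(proto)),
        "src": src,
        "dst": dst,
        # Assumption: models a DMZ that only forwards TCP (6) and UDP (17).
        "passes_tcp_udp_only_dmz": proto in (6, 17),
    }
    if proto == IPPROTO_IPENCAP:
        _, info["inner_src"], info["inner_dst"], _ = parse_ipv4(payload)
    return info


def build_ipv4(proto, src, dst, payload=b""):
    """Build a minimal constructed IPv4 packet (checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload


if __name__ == "__main__":
    # Constructed sample: an ICMP packet between two 44.x hosts inside IPENCAP.
    inner = build_ipv4(1, "44.0.0.1", "44.0.0.2", b"ping")
    outer = build_ipv4(IPPROTO_IPENCAP, "198.51.100.7", "192.0.2.10", inner)
    print(describe(outer))
```

Raw packets captured on the gateway's WAN and LAN sides can be fed to `describe` to see whether protocol 4 traffic makes it through the router.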