Sponsored Links

EE 4G Mobile Broadband - AAISP, Unifi USG and Double NAT - advice needed please

Te7o

Casual Member
Hi all, thanks for taking a look at my post! I live in a relatively rural area on the fringes of mobile signal and with poor fttc connectivity and have limited options for a fast internet service at the moment.

I currently have Voneus fixed wireless broadband giving around 20Mbps DL/UL but have recently had a number of issues with a tree blocking my signal to the repeater and Voneus support has been terrible at resolving or even acknowledging the issue.

As a result I’ve been investigating and experimenting with 4G mobile broadband to see what speeds are achievable. I’ve invested in an external aerial and Netgear LB2120 and tried every provider with EE (surprisingly) coming out best with around 25-30Mbps DL / 35 Mbps UL.

Now, I want to avoid CGNAT on the EE network so I’m using the L2TP tunnel service to AAISP as mentioned elsewhere on here. Unfortunately my existing router (unifi USG) does not support acting as an l2tp client so I have used an old TPLink Archer C2 I had lying about for this.

At the moment, I have the following setup:
Netgear LB2120 - in bridge mode connected to EE 4G with CGNAT IP address connected to WAN port on
Archer C2 (ip of 192.168.11.1) - in router mode as l2tp client (gets correct external WAN ip from AAISP and displays EE CGNAT IP address in secondary connection details) connected to WAN port on
USG - in router mode with static IP on WAN port of 192.168.11.2. My internal network is on 192.168.5.x.

Now I know the above introduces double NAT but without pulling out the whole USG setup (which I’m thinking about because of this!!) I wanted to see if I could get port forwarding to work. I have a server running in my LAN and set up a port forward from the Archer C2 to 192.168.11.2 then on the USG to my server IP.

No matter what I do, this does not work. I have seen mention elsewhere (a long pistonheads thread about 4G internet) that some routers do not support port forwarding from the L2TP tunnel. Is this the case here? I have also tried setting 192.168.11.2 (the USG ip) on the Archer C2 as the DMZ as well to no effect.

What options do I have here? My next step was going to be to remove the USG from the setup to see if i can connect to the server remotely with just the Archer C2 running the network. Before I do, have I missed something obvious I can try?

Many thanks for reading, any suggestions are really welcomed!

Cheers
 
I'm not sure whether my experience is relevant or not but here goes.
I have 4g from a Huawei B818-263 in a simple wi-fi setup directly supplying 5ghz to half a dozen devices, usually not all the same time. I use a software firewall on my PC only with a single port set to forward. When I first signed up to Three this worked fine, but a year later it would no longer work, even when using a VPN (Ivacy). At this time, Three was only using CGNat on one of its APNs but port forwarding stopped working on both. However, bypassing Ivacy's official software I was able to set up a series of L2P manual connections to several Ivacy servers. This didn't work either when doing simple forwarding tests, but running my torrent client I was surprised to see remote connections getting picked up. Doing a forwarding test while the torrent client (BiglyBT) was running showed that it was working. When BiglyBT stopped, so did the open port.
It didn't work with other VPN protocols that I tried such as SSTP or OpenVPN, only L2P.
Since then I have switched to Smarty which only uses CGNat and port forwarding still works with L2P VPN, but only when running a client that requests it. When the client stops the port closes.
If anyone can explain why or how I'd be interested, but it works so I'm happy enough. I have no idea whether this might extend to door cams etc.
 
Just an update on this:

I have tested removal of the USG and using the Archer C2 as the router for the internal network. This works 100% with my server accessible via my IP assigned by AAISP through the L2TP tunnel.

Any recommendations for the more capable routers are welcomed as alternatives to the Archer C2. I have lost my VPN server provided by the USG as well as the fancy guest network functionality.

Anyone needing help with this kind of setup, please just ask.

Thanks.
 
Sponsored Links
@Te7o well,
Any recommendations for the more capable routers are welcomed as alternatives to the Archer C2. I have lost my VPN server provided by the USG as well as the fancy guest network functionality.
A RPi/PC with Linux or OpenWRT, as you seem tech-savvy enough.
 
Thanks Lucian, much appreciated! I’ll look into my options with those.

I’m now all set up with an unlimited EE data sim which is giving 30-35Mb down/up. Very chuffed considering my local mast situation!
 
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6026)
  2. BT (3639)
  3. Politics (2721)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2146)
  8. FTTC (2083)
  9. Statistics (1901)
  10. 4G (1816)
  11. Virgin Media (1764)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1407)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules