1

When setting up a VPN on my office LAN, I first need to setup a way to access my local network over the internet.

There are 2 ways to do this

  1. Buy static IP address (Paid)
  2. Configure Dynamic DNS (Almost free)

But, in order for the option 2 to work, the office router should have a direct public IP address. In another words, the ISP (Internet Service Provider) should not put the router inside a NAT. Which basically means that if the router is behind another network device, it will not have a direct public IP address.

In US for example, 98% home users will have public IP assigned to the router. However, in India, most probably, the ISP will but the router behind a NAT.

Hence, the question: How do I find out if my ISP has put me behind a NAT. Will Dynamic DNS work with my ISP?

Improve this question
1
  • 1
    Note that NAT does not necessarilly mean this won't work. the question is whether the NAT method in use has one public IP per internal customer, and whether they give you control of the NAT at your router (which is common with north American ISPs). Some kinds of NAT like Carrier-Grade NAT will make this almost impossible, but other types will allow you to do what you need to. Also note that DynDNS does two things for you, it lets your router update your public IP as it changes, and gives you a domain name to run your services on. your router does need to support DDNS updates though.
    – Frank Thomas
    Commented Mar 2, 2021 at 0:23

1 Answer 1

Reset to default
7

In order to find out if you router is behind a NAT, you need to trace how you are connected to internet.

Follow these steps

  1. Go to checkip.dyndns.org You will get your public IP address.
  2. Open CMD and type tracert {public IP}, for example: tracert 144.54.89.140 (traceroute on Mac / linux)
  3. If there is more than 1 hop, you are behind a NAT.

More Details / Explanation

The below image shows an example of tracert. In this example, I am tracing the route from my PC to Cloudflare server on 1.1.1.1. It took 6 hops to reach the 1.1.1.1 server.

example tracert

When you run tracert {your public ip}, and you see an output with just 1 hop, then it means your router is directly connected to the internet, without any NAT of your ISP.

However if you see more hops, then your ISP has implemented NAT (could be NAT 2 or NAT 3). In which case Dynamic DNS will not work for you.

Improve this answer
3
  • By hop you mean hops with private ips?
    – Marat Mkhitaryan
    Commented Nov 27, 2022 at 18:50
  • It can be both private or public
    – Adarsh
    Commented Nov 29, 2022 at 14:50
  • what is the command in mac ?
    – TSR
    Commented Apr 23 at 19:40

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .