0

I just signed up with a new ISP and I got a dynamic private-range (172) IP as WAN address on my firewall/router, so I can't do any port forwarding. They say that to do port forwarding I must buy a fixed IP, for which they ask a fortune and it's a life-time fixed IP address, that I will never be able to change (unless I pay double that fortune).

Is there anyway to work around this problem? The DynDNS client gets my public IP, which unfortunately doesn't really point to me.

Many thanks for any hints.

Improve this question
3
  • What is the second set of digits on your IP ? Not all addresses starting with 172 are private. It sounds to me like your so-called ISP is not actually providing proper Internet services.
    – davidgo
    Commented Apr 12, 2013 at 3:58
  • ISPs have started doing this recently. What ISP is it? I know on some (Verizon DSL, for example) you can simply ask for a public IP address if you need one.
    – Rain
    Commented Apr 12, 2013 at 4:04
  • I can't remember the second set, but it's definitely private. The ISP is MyRepublic in Singapore. As I said, they give you a fixed public address, but they charge a lot for it.
    – chris
    Commented Apr 12, 2013 at 7:14

2 Answers 2

Reset to default
3

If my assumptions based on your problem are correct, you will need to source your IP address externally - and unfortunately there is a cost associated with it. Look for a company that will provide you with a VPN service (I'd recommend one using OpenVPN) - and that provides a real IP address to you. There are a few of these providers arround.

This solution will entail a performance hit (because of the longer routing). The alternative is to change to another ISP.

Improve this answer
2
  • Interesting. So then I configure the port forwarding on the VPN side, right?
    – chris
    Commented Apr 12, 2013 at 8:19
  • You would probably not need to configure port forwarding as the the VPN endpoint would be on your computer, ie real world IP address would be bound to the computer running the VPN client so if that machine is the one you are trying to access, no forwarding is neccessary. (In more complex environments routers running OpenWRT/DD-WRT or more expensive routers allow you to configure a VPN as a virtual interface on a router and then port forward that)
    – davidgo
    Commented Apr 12, 2013 at 19:01
0

Most likely, the VPN provider would give you an unrestricted IP tunnel to one IP address, which would either end at your router/firewall, or a PC running their software in your internal network, which is where you'd set port forwarding and other NAT attributes. I suspect you could also purchase a small public block of IPs as well and have each system with its own routable IP. This, however, would likely be in the range of a small commercial enterprise price range.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .