I have a new ASUS AC3100 router, currently running ASUSWRT-Merlin 384.9. The router is connected to a Nighthawk M1 AT&T LTE hotspot, configured for IP Passthrough so that it's just acting as a modem and not as a second router.
I've been using ZeroTier-One for VPN for a while, and it's been great. However, as of moving a few of my machines from one office to the new one with the AC3100, ZeroTier is no longer able to create direct connections to them from the outside.
According to ZeroTier-One's documentation on router configuration, there are a number of things I should be doing to avoid the problem that I'm experiencing:
How can I tell if I'm restricting outbound UDP traffic? Where can I choose between "symmetric NAT" and "full cone NAT"? How can I tell if I have multiple layers of NAT? Where is the NAT port-mapping timeout specified? Where is the uPnP or NAT-PNP setting, or are those not supported?
I've been using ZeroTier-One for VPN for a while, and it's been great. However, as of moving a few of my machines from one office to the new one with the AC3100, ZeroTier is no longer able to create direct connections to them from the outside.
According to ZeroTier-One's documentation on router configuration, there are a number of things I should be doing to avoid the problem that I'm experiencing:
- Don't restrict outbound UDP traffic
- Don't use "symmetric" NAT. Use "full cone" or "port restricted cone" NAT.
- No more than one layer of NAT should be present between ZeroTier endpoints and the Internet.
- NATs should have a port mapping or connection timeout no shorter than 60 seconds.
- Supporting either uPnP or NAT-PMP.
- IPv6 is recommended.
How can I tell if I'm restricting outbound UDP traffic? Where can I choose between "symmetric NAT" and "full cone NAT"? How can I tell if I have multiple layers of NAT? Where is the NAT port-mapping timeout specified? Where is the uPnP or NAT-PNP setting, or are those not supported?