OK, the IANA (Internet Assigned Numbers Authority) has specific IP address ranges for use as non-routable, internal network addresses – these addresses are unregistered. (192.168.0.0-192.168.255.255 | 172.16.0.0-172.31.255.255 | 10.0.0.0-10.255.255.255) All of the computers on an internal network (stub domain) which are connected to the router are assigned numbers such as these – for instance, my desktop was 192.168.1.2.
But the router is connected directly to the cable modem, and it has its own unique registered IP, which allows it to query information on the internet. So computer “A”, my desktop (IP 192.168.1.2), attempts to connect to a computer outside the local network – such as a web server. The computer sends out a packet, which the router receives. The router saves the computer A’s non-routable IP address to an address translation table
– the router then re-writes the packet header replacing computer A’s non-routable IP address with its own – but specifies a different port. So when a packet comes back from the destination computer, the router checks the destination port of the packet and checks the information against the address translation table
, therefore it knows which computer on the internal network it is supposed to go to – then the router re-writes the packet header again, changing the destination IP to the non-routable IP of the correct computer in the address translation table – computer A’s.
So the servers only see the router’s IP address, but it also sees the port number the router assigned to identify which computer on the network sent the request. So there is extra information in the packet header that the servers can read, and if they don’t want people to access from behind a NAT, the servers simply won’t respond to the router’s assigned port. My ISP is my university. I live in university owned apartments – and if two computers exist in one residence the IT department wants the resident to register each computer – and therefore pay multiple access charges.
Here’s the thing. I’m pretty sure that it’s blocking requests that are re-routed because of this. Like I said before, I have the desktop computer connected directly to the cable modem currently, and it works. If I go to Network Connections -> Local Area Connection -> Properties -> Advanced…and under “Internet Connection Sharing” there’s a check box for “Allow other network users to connect through this computer’s Internet connection.” If I check this box, then the computer starts re-writing the packet header with information about where every request comes from, and then my desktop can’t access any webpages – everything just times out. When I uncheck the box – and packet headers return to normal – everything is fine.
If my understanding of routers is completely false, please tell me. But this is my situation at the moment.
Originally Posted by V.B.
If your ISP is of those remaining proividers that still tests the MAC address of the PC that is attached to the cable modem to see if it is the same PC that was connected to it when the service was installed (most don't care anymore), then get a router that has MAC address cloning.
My router does have MAC address cloning - and its always had the same MAC addy as my desktop - I set it up that way months ago. All of the sudden, I come home from vacation, and that doesn't work anymore.
Actually the university controls access to the network by MAC address of the computer entirely. Anyone can plug in a cable modem here, and it will access the network, but once a request is made the server requires you to register the MAC address to a student ID. If you change MAC addresses, then you are required to re-register, deactivating the old MAC address's ability to get online - or you add the MAC address to your account and get charged for two connections.