Recently switched from 2.7.2 to 2.8.2 on my 2800G and found that NAT behaviour was broken for outbound sessions. Had to revert to 2.7.2 for now.

The problem is that in 2.8.2, the outbound source port does not get translated. This becomes a problem when two boxes on the LAN use the same source port to connect to the same IP/port on the internet.

Here is an example pair of NAT sessions from 2.7.2:

Code:

------------------------------------------------------------------------------- Private IP :Port #Pseudo Port Peer IP :Port Ifno Status ------------------------------------------------------------------------------- 192.168.0.2 4569 37401 87.238.75.xxx 4569 3 0 192.168.0.20 4569 37977 87.238.75.xxx 4569 3 0

This is fine, as each box gets a different pseudo-port on the WAN.

However, when using 2.8.2, the pseudo-port is the same as the source port:

Code:

------------------------------------------------------------------------------- Private IP :Port #Pseudo Port Peer IP :Port Ifno Status ------------------------------------------------------------------------------- 192.168.0.2 4569 4569 87.238.75.xxx 4569 3 0 192.168.0.20 4569 4569 87.238.75.xxx 4569 3 0

This means that any return traffic cannot tell which box it should be routed to.

Is this a bug? Or is there a new setting that turns this behaviour on and off? (Although I can't imagine what use the new behaviour would be!)

Cheers
Tony

Well, having contacted support and received some suggestions to follow from Adam, I managed to establish the following:

1. The problem does not exist in 2.8.1 or earlier.
2. It was introduced in 2.8.2.
3. It affects UDP sessions only; TCP sessions still work fine.
4. It has been fixed again in the 2.8.2.1 beta 1120 firmware that is available from the Draytek UK site.

So having updated to 2.8.2.1b1120 I am happy