Back to My Mac: "Double NAT" configurations may prevent Back to My Mac connections

Products Affected

Back to My Mac, MobileMe

Symptoms

As noted here, if your computer is part of a "double NAT" network, Back to My Mac (BTMM) connections to your computer may not work as expected.  The computer may appear in the Finder Sidebar but connections will not be successful, or the computer may not appear in the Sidebar at all. Note: "Double NAT" is a common phrase for a network that has multiple layers of Network Address Translation (NAT).  For example, if your cable modem is providing NAT, and you connect an AirPort Base Station to the cable modem using the default AirPort settings, the AirPort Base station may provide another layer of NAT.  

Typically, an AirPort Extreme base station will alert you if it's in a double NAT situation. The AirPort Utility provides a message such as "Double NAT" or "Conflicting DHCP Range", and the status light will blink amber. AirPort Utility may suggest that you change to bridge mode.

Resolution

To resolve the issue, update your Mac computers to Mac OS X v10.6.5 or later. Mac OS X v10.6.5 contains Back To My Mac improvements to resolve connection issues with many common double-NAT configurations.

If that doesn't work, you can try disabling NAT on the router, so that the IP address provided by your Internet Service Provider (ISP) is assigned to the AirPort Extreme base station. The AirPort Extreme base station will then be able to use NAT to assign IP addresses to all computers that connect to it.

If you are able to determine that your Internet modem is functioning as a router/gateway at either location, refer to the documentation provided with the modem or contact your ISP for assistance with disabling NAT on it.

If it is not possible to disable NAT on the Internet modem at either location, you can use your AirPort Extreme in bridge mode as an alternative:

  1. Open AirPort Utility.
  2. Click the Internet tab.
  3. Make note of your current settings.
  4. Change the settings to the following:
        - Connect Using: Ethernet
        - Configure IPv4: Using DHCP
        - Connection Sharing: Off (Bridge Mode)
  5. Click Update.
  6. Confirm that you are still able to connect to the Internet (in a Web browser, for example).
  7. Try using Back to My Mac again.

 

Additional Information

How to tell if you are using "double NAT"

While every network setup is different, here is a simple way to tell if your computer is on a "double NAT" network:

  1. In Finder, from the Go menu, choose Utilities.
  2. Open Network Utility.
  3. Click Traceroute.
  4. In the field, enter "www.mac.com".
  5. Click Trace.

After starting the trace, look for the line beginning with the number 2. 

If the address in that line is any IP address in either of the following ranges:

  • 10.x.x.x
  • 192.168.x.x

... then your network has multiple layers of NAT.

Note: For complicated or corporate networks, contact your Network Administrator for further assistance. 

For more information on NAT, see this article. 

Not helpful Somewhat helpful Helpful Very helpful Solved my problem
Ask other users about this article
in Apple Support Communities
See all questions on this article See all questions I have asked