Bell 10G plan (Giga Hub 2.0) moved to CGNAT — lost external access to my Synology NAS. What are my options?
Hey everyone,
I've been running a Synology NAS at home with port forwarding for external access. Recently port 443 started timing out when I checked via canyouseeme.org. I tried deleting and re-adding port forwarding rules, rebooting the Giga Hub 2.0 — nothing worked. For testing, I even changed the internal service port and reconfigured everything, and locally (inside the network) everything works fine. The issue only occurs when accessing from outside the network, which is why I’m confident this is not a local misconfiguration.
After chatting with Bell support, I was told that residential customers are being gradually moved behind CGNAT, and I was apparently one of the early ones. Their suggested fixes were:
- Upgrade to a Business plan (to get a public IP)
- Use a third-party router
A few questions for the community:
- How many of you have lost your public IP on Bell residential? Is this already widespread or am I just unlucky?
- Would PPPoE with a third-party router even help? If Bell is assigning me a CGNAT IP at the ISP level, a third-party router won't fix that — right? PPPoE doesn't magically give me a public IP if Bell isn't handing one out.
- For Bell fiber (10G), PPPoE requires an SFP module — the Giga Hub 2.0 doesn't have a true bridge mode. Is the WAS-110 + a router like UDM/UCG Fiber the only real PPPoE bypass option? That's not cheap...
- At this point, is Cloudflare Tunnel the most practical solution? Buy a domain, set up
cloudflaredon the NAS, and call it a day — no port forwarding needed. Are there any downsides I'm missing?
Would love to hear from others dealing with the same situation. Thanks!
ADD .
--------------------
LIVE CHAT
Consumer: Just to double-check, my current WAN IP is 142.198.x.x. One
of your previous agents mentioned that port forwarding is not working
because the connection is behind CGNAT.
However, from what I understand, this IP range does not typically fall
under CGNAT address space. Could you please confirm whether my
connection is actually under CGNAT, or if there might be another issue
affecting inbound port forwarding?
20:57:59 Alaine John: Let me check details aobut port forwarding on your
account.
20:58:23 Alaine John: I just want to confirm. Is your service address #####?
20:58:37 Consumer: YES
20:59:33 21:01:04 21:02:46 21:06:47 Consumer: Just to clarify and make sure I understand correctly, my
current WAN IP is 142.198.x.x, which appears to be a normal public IPv4
address.
I was previously told that my connection is behind CGNAT, which is why
port forwarding is not working. However, according to RFC 6598 and RFC
6888, CGNAT typically uses the shared IPv4 block 100.64.0.0/10.
Could you please confirm whether my connection is actually behind
CGNAT despite having a public-looking IP, or if the previous explanation
might not be accurate in my case?
Alaine John: Checked our database and you really do have a public ip
address which changes from time to time. I just want to check, what
device are you trying to connect to your modem and Bell internet service
via port forwarding?
Consumer: Synology NAS ,So I’m a bit confused — what exactly was the
basis for the previous agent saying I was behind CGNAT?
My current agent is confirming that I have a public IP address, and I can
also see a public WAN IP in the modem interface.
Was the earlier conclusion based on the port forwarding issue rather
than the actual IP assignment?
Alaine John: I'm so sorry. We don't have technical information about
port forwarding as Bell only provides basic troubleshooting for modem
and internet service. What is exactly happening when you set up port
forwarding on your modem?21:08:45 21:12:19
21:12:34 21:14:02 Consumer: I used to have port forwarding on port 443 working without
any issues for a long time. I’ve tried multiple troubleshooting steps, but it
no longer works.
When I contacted support, I was initially told that I don’t have a public IP
and that I would need to switch to a Business plan.
Now I’m being told that I do have a public IP, so I’m a bit confused about
why the explanation has changed. Could you help clarify what is actually
causing the port 443 inbound connection to stop working?
Alaine John: I'm so sorry I miss typed and I never realized. You don't
have a public ip and you're right Bell residential accounts don't offer the
service. To get your own ip, you will have to convert your account to
business account. One thing that we need to check is your set up now
compared to before.
Alaine John: Just to make sure I understand, your service was fully
working before?
Consumer: ???miss typed??Yes, it was working perfectly before without
any changes on my side.
Port forwarding on 443 (and other ports) was stable for a long time, and
I didn’t modify any settings on my modem, router, or NAS when the
issue started.
The problem appeared suddenly, which is why I initially thought it might
be a network or ISP-level change.21:14:59 Alaine John: Were you able to change any settings on your modem
before this issue started?
21:15:31 Consumer: No, I did not change any settings on the modem before the
issue started.
Everything was working normally for a long time, and I only noticed the
problem when external access suddenly stopped working.
Since then, I’ve only tried basic troubleshooting like rebooting the
modem and re-checking the port forwarding rules, but nothing related
to the original setup was changed.
21:16:08 Alaine John: What device are you using while chatting with us?
21:16:20 Consumer: laptop
21:18:33 Alaine John: Because you mentioned that you never changed any
modem settings, what we can try now is to factory reset the modem.
This will restore all settings on the modem and at the same time it will fix
any know in issues. I can remotely do a factory reset now if you want.
Our caht will pause and it will be restored once the modem is on again.
21:20:43 Alaine John: I'm so sorry, I'm not getting any response. Are we still
connected?21:20:57 Consumer: I can do the factory reset myself if needed. That part is fine
on my side.
Before doing that, I just want to make sure it’s actually necessary,
because internally everything is working fine — my NAS is reachable
locally and the port forwarding rules are already correctly configured.
The only issue is external access, which started failing suddenly without
any changes on my side. So I just want to confirm if a reset is really
required at this stage.
21:22:47 Alaine John: That's the best thing we suggest now. We do recommend
factory reset as this fixes all known issues related to your modem and
internet connection.
21:23:03 Consumer: okay
21:23:21 Consumer: so you mean my ip is public right? not CGNET
21:26:32 Alaine John: You don't have a public ip. That kind of service is only
offered to our business accounts. You can also consider to get a
business account to have that kind of service.
21:26:50 Consumer: okay
------------------
I think Agent not specailist .
NOT CGNET ONLY CLOSED PORT80. 443