Equipment:
- Juniper SRX220h
- PlayStation 4 Pro
- Cisco/Linksys WRT610N
- Verizon FIOS 100/100
- Dell PowerEdge Server
Research Source links:
- https://www.linksys.com/us/support-article?articleNum=135179
- https://networkshinobi.wordpress.com/2015/06/26/playstation-network-xbox-live-nat-type-3-to-nat-type-2-on-juniper-srx-with-dynamic-public-ip-address/
- https://forums.juniper.net/t5/SRX-Services-Gateway/SRX-config-for-Playstation/td-p/297350
I understand I am using old equipment; however, as a Desktop Support IT guy, I don't mind reusing equipment for home use, especially if it was brand new, never opened, and acquired as gifts. I also host a Plex server and a Ubooquity web server, all for personal use. Choosing to be behind an enterprise-grade Juniper Enterprise gateway firewall is a smart choice. Plus, I get to learn something new, like when I see net admins at work clacking away in a CLI box. This has been an awesome experience for me to learn Juniper on an enterprise level to secure my home server and Docker containers.
Now that I have added a PlayStation 4 to the mix, I am finding this quite complicated, to the point where I now need to post on a forum for help and guidance. I have looked through the links about this topic, and knowing me, the Desktop Support guy, I am always thinking around the box.
At first I thought the NAT Type 3 on PlayStation Network was because I was double NAT'ing my wireless router and I did not set it up as an AP, just put it on a different subnet. I didn't care before because most devices connecting to the wireless gateway are on the 2.4 GHz: 1 laptop, Chromecast; 5 GHz: 1 TV, PS4, 1 laptop, 3 mobile phones. As soon as I got this PS4 my world is upside down, and it's been a while since I gamed, 2005 with a PS2 to be exact. Back in the day it just worked; my buddies and I could clan up and talk in SOCOM. Old school, I know.
Because of the UPnP limitation, I am not at all comfortable opening up ranges of ports, over 2,030+ ports spanned across TCP/UDP.
Interface ge-0/0/0 is connected directly to the Verizon FIOS ONT vLAN Gateway on X.X.2.1
Interface ge-0/0/7 is connected to the Cisco/Linksys WRT610N wireless router (*AP mode - in LAN 1 on the 4-port switch) or (**Gateway mode on X.X.3.1 subnet in the Internet port), both of which I have had set up and working. Currently the wireless router is in AP mode, and I also set the IP/MAC address in the wLAN settings in JUNOS SRX.
If I go back to **Gateway mode, double NAT exists.
If I were to have double NAT, NAT from the Juniper and NAT from the wireless router, would putting the wireless router in the SRX DMZ zone on interface ge-0/0/7 help achieve NAT Type 2 for the PlayStation 4? And how would this affect other local connectivity to my server? Would I still be able to access NAS file storage, admin web config pages on, for example, X.X.2.255:65553, and JUNOS on X.X.2.1 wirelessly if the router is in the DMZ zone, or is it completely independent and isolated?
Double NAT and DMZ are completely new to me.