Upgraded a few year old Dream Machine router to the new Dream 7. I backed up the old config and restored it on the Dream 7. Everything on my network is working fine except Roon ARC. Here is the error code. . any ideas:
Thank you for your patience while we’ve diligently worked to reach every request for support with port forwarding. The diagnostics you’ve provided suggest there is a redundant layer of network address translation preventing port forwarding.
This can either be at the local-network level (commonly as a result of two routers), or at the level of your service provider (in the form of carrier-grade NAT).
If your setup involves an ISP-provided gateway (modem/router combination) and your own third-party router:
In the web administration interface of the ISP-provided gateway (modem/router combination), enable Bridge Mode or equivalent, where the ISP-provided gateway does not have DHCP routing enabled.
Alternatively, if you have already created a manual port forwarding rule in your 3rd party router, you can add an additional rule to forward the port through the ISP/second router.
If you only have one router in your setup or your modem is already in Bridge mode, please take a look through our list of known router and internet service provider solutions, as other users may have already encountered the same situation: ISPs and Routers: List of Known Solutions and Workarounds
You can reach out directly to your service provider to ask if they support port forwarding; this question will often enough to prompt them to explain whether or not the carrier-grade NAT they’ve implemented can function with ARC.
More specifically, you can pass along the following questions:
Have you implemented carrier-grade NAT for my account level?
Have you fully implemented IPv6, or do you have IPv4 addresses available?
Can I request a static IPv4 address to support port forwarding?
Are there any ports you have reserved at the ISP level I should be aware of?
If you’re unable to locate an existing solution in our ARC: Port Forwarding Resources subcategory, please reach out to the Roon support team and include the following information:
Do you have any additional network hardware, like additional routers or managed switches?
Who is your internet service provider and what is your geographic region?
Is your Modem configured in Bridge Mode so that it operates only as a modem or do you have the ports forwarded on both?
uPnP will not work until the second layer of NAT has been removed.
The local network double NAT is definitely present. Looking at the diagnostics data in the original post, it can be seen that the router_external_ip is 192.168.254.137 - which is both a private ip address and in a different subnet (192.168.254.0/24) to the Roon server which is in the 192.168.1.0/24 subnet.
Ignore the points about CG-NAT and asking questions of your ISP for now and just see if you can eliminate the ISP modem/router either completely or by putting it into bridge mode.
If you can’t do that then there are a couple of other ways forward:
Setting up port forwarding on both routers. The ISP router should forward to the WAN ip address of the Dream 7. The Dream 7 should forward to the Roon Server. Both forward TCP connections on the ARC port.
To elaborate on Wade’s instructions above, the easiest way to remove the blockage is this:
If you’re using an ISP-provided router, make sure it’s in Bridge mode. This is sometimes called Passthrough or Modem-Only mode. You should be able to perform this step from the settings admin page of the ISP-provided router.
If that doesn’t work, then create a manual port forwarding rule in the Ubiquiti Dream 7 router settings Port Forwarding section. That rule should be TCP-format and point to the port number and IP address listed in Roon Settings → ARC. Next, go to the Settings page for the ISP-provided router, find the Port Forwarding section, and create the exact same rule again there.
Please let us know if you have any further questions. Thanks!
Thanks to all - with the guidance here and some reddit searches found out how to do it on the Arris modem that Frontier uses. Posting the steps here for others because it is not that obvious. Follow these steps then reboot everything and it works.
Login to the Frontier router at 192.168.254.254 and you’ll need the admin password off the sticker.
** Navigate to Advanced in the tool bar (should be right under Wireless5G: Enabled)*
** Select Connection Settings on the left hand side*
** Under the Advanced - Connection Settings, look for the ISP Protocol drop down*
** Select Transparent Bridging and hit Apply*
You might need to bounce the Arris and your Asus a few times, but the Asus will take the IP directly from the Arris and you should see your actual IP in the Asus admin. I have TV service with my Frontier Fiber/FiOS account and have had no issues with this configuration.
