How To Change NAT Type on PC

How To Change NAT Type on PC

Whether you’ve played video games or have issues with specific apps, knowing your NAT types can help. Depending on your current needs, you might want to focus on changing the NAT type. So, if you want to know how to change the NAT type on your PC, this article can help you out.

What is NAT?

NAT stands for Network Address Translation. The “translation” part comes from your IPv4 address turning into an IPv6 address.

The different IP address versions differ in local and public versions. IPv4 is only used in local addresses because it doesn’t have enough room for new public addresses. Meanwhile, IPv6 runs on hexadecimal values, allowing it to use a much larger number set. 

Your IPv6 address typically comes from your router, the secure gateway from your home network to the public internet. The IPv6 address would come directly from your computer without a router, creating great exposure. 

How does a NAT type impact my internet experience?

Understanding how a NAT type works helps you understand how it can impact your internet usage. Here’s a breakdown of the three types:

  • Strict
  • Moderate
  • Open

The NAT types vary by the openness of ports on your computer’s firewall or router. Open ports allow specific applications in (and out). 

Strict NAT types (also known as type three) allow no ports. Their applications can connect to others with Open NAT and some moderate NAT types but cannot connect with other strict NAT types. This NAT type makes it impossible to host servers or run available services. 

Moderate NAT types (type two) have a select number of ports open. In this way, you can create a secure tunnel through a port in your router. A great example of this is IPSec, which uses UDP port 500. Universal Plug and Play (UPnP) devices also use moderate NATs, opening and closing with active apps. Moderate NATs can communicate with other moderate NATs and open NATs, but not strict NATs.

Open NAT types (type one) allow all ports to be available. This makes your home network open season for all applications and games. While this means you have unimpeded gaming sessions, any hacker can enter your devices at any time. Open NATs can communicate with any other NAT type. 

How to change NAT type on your PC

There are two methods you can use to change your NAT type on your PC:

  • Turning on network discovery (UPnP on your PC)
  • Turning on your router’s UPnP
  • Using port forwarding 

Out of the three options, port forwarding is usually the safest. Below, you’ll find out the steps you can take with each one.

How to activate UPnP on your Windows PC

UPnP mode comes in the form of network discovery for Windows. Network discovery opens up your PC to find available connections on the network. 

For Windows 10, 8, and 7, activating UPnP is a matter of following these steps:

  • Go to your control panel
  • Select Network and Internet
  • Go to the Network and Sharing Center
  • Click on “change advanced sharing settings”
  • Find network discover and select the “turn on network discovery” radio button

Once you’ve gone through these steps, UPnP is on, setting up a safer moderate NAT type. If you rely on the older Windows Vista, the only thing that changes is that you will need to find a drop-down menu under the Network and Sharing Center. 

If you still use Windows XP, setting up UPnP is more complex. You can follow these steps below:

  • Go to the “run” command under the start menu
  • Type “services.msc” and hit enter
  • Double-click the SSDP Discovery Service
  • Select “automatic” under the startup drop-down list

You might need to restart your computer to activate UPnP settings. This will enable UPnP to start with the computer, reducing your workload.

If you don’t find the discovery service, you need to enable it. Type “appwiz.cpl,” select add/remove windows components, click “networking services,” and click the details button. 

You need to be sure that the “Internet Gateway Device Discovery and Control Client” and “UPnP User Interface” boxes are checked. Going through the install wizard will get those components available for you. 

Following these steps will be incredibly helpful if you want to play games or connect apps through a local area network (LAN). However, external connections will require some extra steps. 

Turning on UPnP on your router (for multiple PCs or Macs)

When dealing with computer-related NAT issues, your problems often come from the router. The router has a different set of UPnP settings you can set up. 

First, you need to be able to access your router’s admin console. To access your admin console, you need to know your router’s IPv4 address, admin username, and admin password. 

If your router is unchanged from factory defaults, you should be able to find this information on the side of your router or in your owner’s manual. Otherwise, you would have set this up with your internet service provider upon first purchase. If you don’t recall your username and password, you can reset it to factory defaults by holding a pen or needle inside a reset compartment in the back of your router for about 30 seconds. 

Once you get access to your admin console, it’s as simple as finding the UPnP settings of your router. You can typically find this under general settings on any router. 

Most privacy-conscious individuals don’t prefer UPnP because it is exploitable. Anyone who can guess what apps you use can leverage that, accessing your data through open ports. This is often how hackers perform DDoS attacks. 

To avoid this situation, having some knowledge of port forwarding can help. Below, we will show you how you can easily port forward on any router.

How to port forward on any router

Much like activating your VPN, port forwarding is the creation of a secure tunnel. While you typically port forward in response to a game, you have complete control over when it opens and closes. This way, it provides you with better security than most other options. 

To port forward on your router, you can follow these steps:

  • Find a list of ports you can use on PortForward.com
  • Search for the ports you need based on what you are trying to accomplish
  • Go to your router’s advanced security settings
  • Under “port forward,” select the computer you want to port forward from
  • Enter the TCP/UDP port numbers found from PortForward.com
  • Click “Add Port”  and wait until the process is complete
  • Test your NAT type by using the application 

You can only add ports to one computer at a time. So if you want to open ports on multiple computers, you are out of luck. 

For a visual guide to port forwarding, you can check out this video:

Opening your router using the DMZ method

The DMZ method sets a custom zone for outbound and inbound connections. Typically, DMZs are used by advanced network administrators to set custom router rules. For a beginner, DMZs are a quick fix to the NAT issue. 

Setting a DMZ without going through an advanced router setup creates an open field for connections. It is similar to setting up an Open NAT type but across numerous PCs connected to your router. Like with UPnP, you need to turn the function on under your settings.

Setting up a DMZ in this way is incredibly dangerous for your home network. DMZs disable your router’s filtering ability, enabling all connections to come through. This exposes your PC to the web, so try and avoid this option whenever possible. 

Changing NAT types on a Linux PC

If you have connectivity issues using a Linux operating system, changing your NAT is left to the router. By default, Linux does not come with a firewall interface, making it more tricky. Unlike Windows, Linux doesn’t open ports without your permission, so it is a more secure platform. 

If you want to modify Linux firewall settings, you can use iptables, a utility program that helps with packet filtering rules. You can also use Firewalld, which is helpful for explicitly modifying firewall settings. 

Regardless, most of what causes Linux issues is related to the router. So try UPnP and port forward before getting into modifying settings on Linux.

Do Mac devices or IOS devices need NAT type changes?

The short answer: no. Mac devices also rely on the firewall to determine their NAT type. So changing the firewall on your router will change the NAT type. 

In cases where you have an Apple router, you need the AirPort utility. This utility is no different from the port forwarding settings on a regular router. You don’t need an Apple router, but if you have one, follow these steps for port forwarding:

  • While logged into the utility, go to the Network tab
  • Click “+” under “port settings”
  • Enter a basic description 
  • Enter the public and TCP/UDP ports based on what you find on PortForward.com
  • Insert the IP address of the device you want to target

Public ports are made to establish remote connections. Private ports are meant to open connections to your computer on the LAN. Both are required to establish a complete connection.

Why do we need NAT?

Network address translation allows computers to connect to the internet securely. The IPv6, or public address, is what your router publically provides. Meanwhile, IPv4 addresses are hidden from view. 

A direct connection of your computer to the outside world makes this less secure. Regardless, you will need an IPv6 address due to more IP addresses. If you have no LAN, fewer steps are necessary to establish an open NAT type. 

NAT types and online gaming

Whether you play Call of Duty, Elden Ring, or Fortnite, online gaming is a staple of our society.  So, how do the two relate? Typically, this comes in the form of multiplayer gaming.

You can guess from our earlier section that not all NAT types can connect. Strict NAT types only connect with open, Moderate NAT types connect with other moderate types and open types, and open types connect with everyone. 

When you play online, there are numerous NAT types you could connect with. When connecting to online game servers, you are limited by the people currently there. So strict NAT types cannot play with other similar types. 

If you are hosting a game server, the same situation applies. You can’t expect to let almost anyone connect without a moderate or open NAT type. This might be a problem for privacy-conscious individuals who refuse to change their NAT type. 

Can you change NAT types on gaming consoles?

Whether you play Xbox or Playstation, NAT types between console and PC gaming follow you. Much of this comes from the network connection from your device to the router. So by port forwarding or activating UPnP settings, you can change your NAT type on console gaming. 

The risk of changing your NAT type on consoles is no different from a computer. Your console typically contains important account data that might identify you. Xbox, a Microsoft product, gathers a whole ton of data from you from the use of Bing and the Microsoft Edge browser. 

While reducing your account information can help, the open port still is an issue.

What attacks can happen from an open NAT type?

Below is a list of potential attacks you can suffer from regarding an unsecured physical network:

Drive-by pharming

Drive-by pharming is when a hacker goes near a public or available network. Drive-by pharming relies on the unchanged factory settings, inserting unwanted open ports into the router beyond detection. 

Hackers can use these open ports to redirect connections to unwanted locations. You can unwittingly insert your user information into a hacker’s false website by being directed to fraudulent websites. 

NAT slipstreaming

NAT slipstreaming is where an attacker remotely accesses public TCP/UDP ports. This is a bypass of the NAT installed in most routers. This enables remote hackers to steal essential data on previously hidden servers. 

From this, any information stored by your router is public access. Users can take this information to understand more about you. Social manipulators can use this information to access financial data and other important information. 

Distributed Denial of Service Attacks (DDoS)

DDoS attacks happen when your device is overloaded and has to shut down. While this is more common in a business setting, it can happen to anyone. For example, if you trounce the local neighbor boy in the latest Call of Duty matchup, they might take some revenge. 

DDoS attacks are often used to take down critical security infrastructure. Previously closed ports open up when the system is down, enabling unwanted backdoors to become public. When used in company-based attacks, competing websites can take each other out to limit customer options.

How to protect yourself against NAT attacks

Need some assistance on how to prevent these attacks? Here are some tips:

Segregating your networks

By dividing your network into different sections, you can better secure more critical data. For example, file sharing servers are not something you typically want out and about. By establishing specific settings for different network segments, you prevent sensitive data from being lost. 

If you don’t 100% trust your friends, a guest network can prevent them from total access. This is a great idea when hosting parties, as everyone loves free WiFI.

Changing your router from factory settings

Most NAT-related attacks come from a router with known vulnerabilities. When a router is at factory settings, it doesn’t take a lot of effort to determine the defaults. Hackers rely on this most of the time to access data you would prefer they didn’t have. 

Good internet service providers will walk you through the process of setting up your unique admin username and password. Otherwise, you can use your knowledge of the factory defaults to get in and change things. 

Monitor incoming and outgoing traffic

Most routers have parental control or information gathering features built-in. While you wouldn’t want another company to get this, your having access provides a lot of information. In some cases, a regular review of this information will reveal if you have suspicious activity. 

To ensure you aren’t giving up your network data, keep an eye open for any activity towards unwanted websites. Having a page take an unusual redirection might also signify that there’s something wrong with your ports. 

Use a VPN

A virtual private network encrypts your computer’s data before leaving the PC. In these cases, even if a hacker were to get into your router, most of the information they could gather would be useless. However, you will still need to take extra steps against unwanted file sharing.

This is why it is so crucial for you to secure connections from both your computer and your router. Having two layers of protection is better than one. 

Wrap Up

NAT types work as a method of translation from private to public addresses. A bit of knowledge on the subject helps you with staying secure. To make the most out of that knowledge, make port forwarding whenever possible. By avoiding UPnP and open NAT types, you will reduce your exposure to the internet. 

Give us a shot with a 7-day free trial

Try The Fast VPN for free for 7 days on iOS, macOS, and Android with 30-day money-back guarantee

Get free trial

Download FastVPN mobile app for iOS & Android platforms.