Ssh

EDITOR’S NOTE – 08-07-2023 – This article has been updated to fill in missing info and explain better some misunderstood concepts.

For those of us using SpaceX satellite internet, we have had a great means to have internet in virtually any location now, but it does come with some caveats. One major one is the fact that SpaceX satellite networks are CGNATed (Carrier grade NAT). For those that don’t know what that means, NAT, which is used by virtually any router/modem to redirect an internal network (ie., 192.168.1.x, etc) to a public IP. This has allowed people and business to have many devices behind a NAT and only require one Public IPv4 address. Due to the limited nature and massive amount of end devices that now exist NATing is very important so that we don’t run out of IPv4 addresses. Another way that phone carriers like Verizon and Tmobile, hence the name Carrier Grade NAT, limit the amount of public IP addresses they need to purchase or maintain is by creating a NAT behind a NAT. This means that most end devices connected to a phone carrier’s network/tower are all within the same private IP range whether it be 192.168.x.x, 172.16.x.x, or 10.x.x.x. They also make it to where clients to see each other for obvious security reason. The one thing that CGNAT does not let you do, which is what I want to focus on for this blog page, is the inability of port forwarding.