Filed under: Features, How-tos, Tips and tricks
How To: Using your Mac as a NAT router
No doubt you know that sharing your internet connection on your Mac is easy. For instance, if want to turn any Mac with a built-in Airport card into a wireless router (e.g. with a cable or DSL modem plugged into the built-in ethernet port), all you have to do is go to the Sharing pane of your System Preferences select it and hit start. However, what if you want to do something a little bit more complicated? In this tutorial I'll cover some other ways for turning your Mac into a router, including over FireWire and adding a second ethernet port via USB (which can be really tricky).
Introduction
Now before we begin, you might ask: why would I want to do this? Here's a few possible answers:
- Like me you're a cheapskate and you don't want to drop $180 for an Airport Extreme Base Station (or even $50+ for a third-party 802.11 base station).
- You have an old Mac (or better yet Mac Mini) that you want to serve as a home server, so why not let it be your router as well?
- Like me you've burned out a cheap consumer router with a high number of connections (think bittorrent) and would rather give the Mac direct access to the net to eliminate NAT errors and/or improve bandwidth.
- Because you can.
Now there are also some potential downsides to this as well, these include:
- Security. Connecting your Mac through a NAT router to your cable model or DSL gives you an extra firewall protecting your Mac from the meanies out on the net.
- Your Mac router has to be on anytime you want to use the Internet from another computer/device.
Okay, with that out of the way let's look at some of your options. All of the following scenarios assume you have your incoming internet (cable modem, DLS, etc.) connected to your Router Mac's built-in ethernet port.
Wireless
As I mentioned before, setting up a Mac as a wireless base station is perhaps the easiest option. All you have to do is go to the Internet tab of Sharing Preference Pane and start it (as pictured at the top). You will also, however, want to click on the "AirPort Options..." button and set up some sort of security as follows. Note that if you're planning to connect with a Windows computer (or some other non-Apple device) you'll need to stick to 5 or 13 character passwords. If you're all Apple, the passwords can be whatever you choose.
FireWire
A perhaps little known, and lesser used, networking feature of OS X is IP over Firewire. Macs can both share and receive network traffic through their FireWire ports. Setting it up is pretty much the same as setting up the wireless option. Just select the check box next to "Built-in FireWire," and you're good to go.
On the second Mac, you'll need to a make sure the FireWire networking port is active in the Network Pane of the System Preferences. Generally you'll just want to keep this set to: "Using DHCP."
FireWire networking was a bigger deal back before all Macs were shipping with gigabit ethernet. When most Macs were limited to 10/100 ethernet, FireWire was a faster (400Mpbs) option, however, FireWire can still be a good option since portable and consumer Macs (MacBook (Pro)s, iMacs, Mac minis) only have one built-in ethernet port (see the next section). So if you want to set up a wired network between these Macs (or even better, between older Macs) without buying any additional hardware, then FireWire can be a very quick and speedy option.
Adding Another Ethernet Port
Here's where things get interesting and setup becomes a little more difficult. What if 802.11 or FireWire are not options for whatever reason (e.g. wireless is too slow, you already have a Cat 5 network, etc.)? If you want to have your Mac serve as a router to a ethernet network you'll need to add a second ethernet interface to connect to that network. If you're fortunate enough to have a Mac Pro, it has two built-in ethernet ports, so you don't have to add anything. If you have an older PowerMac without a second ethernet port you can add in a PCI card. However, if you have a portable or a consumer Mac practically the only way to add a second ethernet interface is with a USB to ethernet adapter.
Fortunately, Sustainable Softworks (the makers of Mac router software I'll discuss later) offers a free Tiger-compatible Universal Binary OS X driver for several popular models of USB to ethernet devices using the Pegasus or AX8817X chipset, including models from D-Link, Linksys, and Netgear.
With this driver you can easily add a second 10/100 ethernet interface to your Mac through a USB 2.0 port (the driver also works with older Macs with only USB 1.1, but of course it will be limited by USB 1.1's theoretical 12Mbps bandwidth). I had a Netgear FA120 lying around, so that is what I used. Once you install the driver, the new network interface should appear in your Network Preference Pane. On mine you see that it is listed as en4 (because I have Parallels installed it has created two other ethernet interfaces, en2 and en3, en1 is Airport. On your machine, if you have not installed any other interfaces, it is likely that the new USB interface will appear as en2).
Now, you might think that once you've gotten this far all you'd have to do is go back to the Internet tab of Sharing Preference Pane, select the interface and start it up. While that may sometimes work (it's never worked for me, but I've found reports of it working), I have found that it's necessary to set up the network manually when sharing my internet over this interface. My circumstances may be special in part because the device I'm connecting to my Mac is a Xbox 360, but the same holds for some other devices hooked up though this ethernet interface including my MacBook.
Now, in my experience, networking settings often seem sort of like voodoo. I'm perfectly willing to admit that this may be simply because I don't fully understand what I'm doing. Nonetheless, in what follows I'll just report my own experiences in getting the interface working, in hopes that it will be useful to others.
So back in the Network Preference Pane, I set up my secondary ethernet interface as follows:
I've turned off DHCP and set the address to: 192.168.0.1 and the subnet to 255.255.255.192 In making these choices I was following a hint that appeared at macOSXhints back in 2002. Once this is done I went back to the Internet tab of Sharing Preference Pane, select en4 and start it.
Now on my other device (in this case a Xbox 360) I set it up as follows:
IP address: 192.168.0.2
subnet: 255.255.255.192 (this is the same subnet of the en4 USB interface, above)
gateway/router: 192.168.0.1 (this is the address of the en4 interface)
DNS: 192.168.2.1
(here's where the voodoo comes in, I have no idea why this DNS setting works. You would think it should be 192.168.0.1, or even the DNS server of my ISP, but those simply do not work. I suspect that it has something to do with sharing over Airport as well).
I've also found that this will only work properly if Internet Sharing is active for my Airport interface. If I turn off the Airport interface (en1), the wired interface (en4) also dies. With these settings in place, everything seems to work properly. Keep in mind you may also need to enable certain services (which will vary with your application) in the Services tab of the Sharing Pane:
As well as open certain ports in the Firewall tab of the Sharing Pane:
More Advanced Options
Using OS X's built-in Internet Sharing is probably good enough for most purposes, but if you have more complex applications you may want to consider some more advanced options. Of course, OS X Server will allow you much more flexibility, but also costs much more. As I mentioned before Sustainable Softworks also offers a free standing router application of OS X (Client) called IPNetRouterX for $100. Both of these options are obviously much more expensive, but also more versatile.
Conclusion
Setting up your Mac as a router is not for everyone, but for some applications it's mighty convenient. It is sometimes is a bit of a beast to get set up, but if you keep at it (sometimes, sadly, just with trial and error) you can probably get it going. Feel free to share your own experiences in the comments.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Bule said 8:10AM on 3-26-2007
Hi
Ive been using my mac as a router (router (no w-lan) -> me -> another computer) for quite some time now, BUT after a couple of hours or so the internet "fucks up".
I can only revisit those sites that ive already visited (as long as they have the same domain i can access any page) but i can no longer visit new sites. Teamspeak / World of Warcraft still work as long as i dont log off.
Does anyone have a solution for the problem?
Reply
starwxrwx said 9:19AM on 3-26-2007
The internet sharing is CRAP because you have to open all those firewall ports for it to work properly.
What's the point of a firewall if you have to leave it wide open?
Reply
Panzarino said 4:51AM on 3-27-2007
Unfortunately, if use this method to extend your network it wont work completely.
Say you already have a mac or router that shares it's internet connection we'll call this Network 1. If you take any mac connected to Network 1 and share it's internet connection using that method, you're effectively making a second network (Network 2).
Any computer or device connected to network 2 will receive an internet connection, but any other network function (AFP, FTP, etc) will only work with other macs on network 2. Any computer or device connected to network 1 will receive an internet connection, but again other network functions will only work with other macs on network 1. Get it?
Basically, Internet Sharing is only internet sharing when used as a bridging device. It does not forward AFP or any other networking connections across.
Reply
Miller said 12:50AM on 3-28-2007
Orb can do the same thing better if you have a 360 or PS3, or just want to browse live TV anywhere in the world.I have found that, even with this great Apple TV we still need a video converter (things like Apple TV Converter) in case to put our favourite movies onto Apple TV before playing them on TV Screen.
Best appkle tv converter
http://www.apple-tv-converter.net
Reply
Aron Trimble said 3:14PM on 3-30-2007
@Bule - Sounds like a DNS problem.
When the internet is working find the IP address of a website using network utility -> ping. Write it down.
If the internet goes down again, that website will probably still be in the DNS cache so don't do anything except what you would normally do to get the internet working again.
Now use the internet as you normally would, but DO NOT visit the site you wrote down the IP address for.
When the internet goes down, try visiting that site and if it doesn't work try pinging the IP address you wrote down. If that works, you have a DNS problem and need to use a different DNS server.
@Miller - please don't spam the comments with advertisements for unrelated software.
Reply
chill392 said 4:58PM on 4-19-2007
What if I want to use the wireless I am recieving and send it out to a non-wireless device through the unused ethernet port?
Reply
Otto said 7:52PM on 4-19-2007
chill392,
im trying to do exactly what you need. i've been messing with setting for about 3 days now.
this is my setup:
i get wireless from one side of the house. i have my wii in an area where that first wireless connection cannot reach.
now i have another wireless router that i want to use. i want to share my internet that i get to my mac to the second router using ethernet. i would use my second wireless router to feed internet to my wii.
please help someone.
thanks
Reply
Jacob Chaffin said 12:52AM on 4-20-2007
I am wondering if anyone has tried these methods to allow the mac to serve as the router for a xbox 360? I was told that it would in fact work but want to hear from other people. I am not going to be using wireless to connect the 360 so should I use the firewire method or the additional ehternet method. Any help (or a tutorial for what i need) would be greatly appreciated
Reply
Jairo De La Torre said 2:43AM on 4-21-2007
I'm trying to get my xbox online by just sharing my Mac's internet connection by enabling internet sharing via airport in the sharing pref tab. Anyone had luck with this yet. I'm a noob.
Reply
Mat Lu said 2:55AM on 4-21-2007
@8 & 9: I don't understand what you're asking for? You're looking at the tutorial for doing just that. I wrote this because I had struggled for a little while to share my internet from my Mac to my Xbox 360. The instructions above are what I used.
Reply
Jairo De La Torre said 3:56PM on 4-21-2007
Thanks for your help Mat Lu, but my question seems to be unique.
I have my cable modem connecting to my iMac via ethernet. I then use the internet sharing option on my mac to share the net with a few iBooks around my home as well as my Nintendo Wii.
I have an xbox 360 with a wireless usb adapter attatched to it. When I try to connect to the wireless network originating from my iMac it won't connect.
I'm wondering if someone has done this.
Reply
Jacob Chaffin said 5:24PM on 4-23-2007
I am goin to try and use my mac's airport wireless to fileshare with my 360.
I am wondering if i have to have the sanctioned microcoft usb network adapter or can any usb network adapter work...if any adapter will not, are there any that will that are a little more affordable? thanks for your time matt
Reply
Chris said 7:18PM on 5-21-2007
I'm not sure what everyone is complaining about...here is my setup:
G4/350MHz running 10.4.9 acting as a NAT router
Serving: 6 computers (5 Macs, 1 PC, and some Linux every now and then)
Services: NAT, Firewall, and AFP
Does it work? Hell yeah it does, the internet does not mess up, and is NEVER hacked into (set your f-ing root password!!!) It has been on for over a month now (software updates force restarts every once in awhile)
Other: I can access my server "Abrams" from ANYWHERE in the world (I use DYNDNS service, it gives a static name to a dynamic IP, works flawlessly) using remote desktop, or I can access AFP anywhere as well. So, people, before you bash on Macs or on the dude who wrote this, do your research. It just makes you look down right moronic otherwise.
Reply
Joe said 10:05PM on 5-30-2007
I can't get this to work with my MacBook Pro. Will it? Is it possible to take in a wireless signal and send it out the ethernet port to my 360? Anytime that I plug in the ethernet cord to my 360 it overrides my wireless access. Any answers would be beneficial.
Reply
cuvtixo said 12:48AM on 6-11-2007
wireless is much, much slower than ethernet. wireless can do bursts of speed but I find in practice, web access is often as slow as dial-up going from wireless to ethernet connection.
Panzarino totally confused me rather than clarified anything. I don't use my router for much else except email and browsing so I wasn't clear at what else he would be doing- . "Internet Sharing" is what it says it is, its not for other general or specialized "Network" purposes. For an x86 machines, there are linux and un*x software router solutions, but I know of no others for PPC other than OSX server and IPNetRouterX.
Reply
JLIT said 7:44PM on 11-18-2007
Internet Sharing with XBOX 360 Live via Leopard caused me to have some issues that I never had before with the same settings that functioned when I had Tiger installed. The problem was with the DNS number (192.168.2.1) inside the settings menu of my dashboard (xbox). What you need to do is replace the manually entered (192.168.2.1) with your ISPs given DNS which can be found in your advanced settings in the network connections. This seemed to solve my XBOX Live connection problems so hope it helps others.
Reply