Good Morning,
Background: My MIL is in an ex-Soviet country, where I visited her. She gets FTTH via Huawei 8240 CPE. It is connected via optic fibre, not POTS.
I was asked to install a WAP in her point, which I did. Since the WAP was on client-server dhcp mode, I used "IP scanner" to find the DHCP assigned IP address of the WAP on the LAN side. The scanning never finished, and after 10 minutes I found out that there were 1000 hosts on the same subnet! which was a shock. It looks like that the ISP has "PATed" into various homes.
So her home hosts all get "public IP addresses" at any time. I was only looking for a 192.168.xx.xx address, but they all are public IPs.
My questions:
1: Why their ISP has not used NAT on the LAN side? Why all customers on same subnet look like on a DMZ?
2: How do I protect her home PC now, since I know this might be a security flaw?
for eg: SKY UK forces you to use their own modem. Way around is easy by doing a double NAT (not the best but ok)Good router >SKY UK Router> DSL
3: IS there a way I can protect MIL's home network but still using the ISP modem/router?
thank you
Himanshu