Security IT/NAT

nat was created as a response to the shrinking pool of IP addresses. in short, we get one variable IP address from an ISP defined from a specific APN, goes through the router and directs to a specific computer in own WAN network with private addresses.

bypass NAT restrictions
a few words explaining

Full-cone NAT
usually do not need to do here, sometimes must use port forwarding

(Address)-restricted-cone NAT

 * 1) Run uPnP/NAT-PMP/UPnP-IGD/PCP
 * 2) Set static private IP, optionally DDNS.
 * 3) if doesn't work, use port forwarding
 * 4) If doesn't work, use Port Triggering
 * 5) If doesn't work, use DMZ

Port-restricted cone NAT

 * 1) use UDP hole punching
 * 2) if doesn't work, try TCP hole punching
 * 3) optionally, try ICMP hole punching
 * 4) UDP multi-hole punching (mirror)

Symmetric NAT

 * 1) sequential hole punching
 * 2) Use Supernode

Cgnat
Investigation "tcpFallbackActive": false
 * The only reliable solution that I've found so far has been to use IPsec VPNs initiated from behind the NAT.
 * ZeroTier can traversable CGNAT. If you follow the recommendations) (It mainly boils down to opening the port in the firewall) it is the probability that value

For all types NAT (probably)

 * Install zerotier and set bridge mode. It possible bypass NAT and open port