πŸ‡§πŸ‡·πŸ‡ΊπŸ‡ΈπŸ‡ͺπŸ‡Έ
Home » Articles » Connection Issues

Why Can't My Friends Connect? (CGNAT)

You followed all the steps: installed the server, opened port 25565 on the router, disabled the firewall, and yet, your friends receive the "Connection Timed Out" error. A very common reason for this is not a configuration error on your part, but a barrier at your internet service provider (ISP) called CGNAT.

1. What is CGNAT? (Explaining simply)

Imagine that your IP address is your house number. In the past, every internet connection received a unique number. With the growth of the internet, the number of addresses (IPv4) ran out.

To solve this, ISPs created CGNAT: they place multiple customers within the same public IP address. It's as if you lived in a huge building where all mail arrives at a single address and gets stuck at the provider's reception, without your router knowing they should go to your computer.

2. How to identify if you are on CGNAT

Before calling your provider, you need to be sure this is the problem. The test is simple:

  1. Access your router's panel (that Gateway IP we saw in the port forwarding guide).
  2. Look for WAN IP or Internet Status within the router menu.
  3. Now, open the website WhatsMyIP.org and see what number appears there.

The diagnosis: If the IP that appears inside your router is different from the IP that appears on the WhatIsMyIP site, you are on CGNAT. Generally, CGNAT IPs start from 100.64.x.x to 100.127.x.x.

3. How to solve the problem

If you have confirmed that you are on CGNAT, the settings on your router will never work alone. You have two paths:

A. The "Rollback" (Calling the ISP)

You can call your ISP's technical support. The technical term you should use is requesting a "CGNAT Rollback" or asking to be placed on a "Dynamic Public IP".

Often, claiming that you need to access security cameras (CCTV) or work via VPN helps the attendant understand the need for a public IP. Some providers do this for free, others may try to charge for a "Static IP".

B. Software Alternatives (Tunneling)

If the provider does not cooperate, you can use tools that create a "tunnel" to bypass CGNAT:

  • Playit.gg: Currently the best option for Minecraft. It provides a global IP address without you needing to open ports or leave CGNAT.
  • Ngrok: Widely used by developers, but has limits in the free version.
  • ZeroTier / Hamachi: They create a virtual private network, but require all your friends to also install the program.

Conclusion

Understanding CGNAT is the secret to stop getting frustrated with settings that seem right but don't work. If your goal is a professional and stable server for many friends, fighting for your Public IP with the provider is always the best path!