OPNsense Forum

English Forums => General Discussion => Topic started by: Elryk on March 28, 2024, 07:37:10 pm

Title: Port Forwarding/NAT One Works One Doesn't
Post by: Elryk on March 28, 2024, 07:37:10 pm

I am having a little NAT trouble here. I have two NAT Port Forwarding rules setup. One for regular web ports (working correctly) and another for a game server (Empyrion) that started with the exact same config except IP and ports. The game server forwarding is not working. Here is the config:

Interface: WAN
TCP/IP Version: IPv4 (Empyrion does not use IPv6)
Protocol: TCP/UDP
Destination: WAN address
Destination port range: <Port Alias> (30000:30004, also tried 30000, 30001, 30002, 30003, 30004)
Redirect target port: <Same Port Alias as dest. port range>
Filter rule association: Rule
The rule was automatically created in WAN Rules and is enabled.

When a connection request is made from the WAN side, the firewall passes the traffic and logs it as passed but there is no response from the server. When I try to connect locally, everything works. I cannot get a response from the server from the internet or by pointing to the external WAN ip address in the request.

Things I have tried (none had any effect, positive or negative):
Switched to hybrid outbound NAT and adding a rule there for the outbound connection.
Changing to a different port range.
Pointing the game client directly to the external IP address (the server isn't showing in the connection list in-game).
Changing the destination in NAT from WAN address to the server IP Alias.
Changing NAT reflection to Enabled or Disabled.
Changed port alias from a range to multiple individually listed ports.

I had this setup and working on a Fortigate firewall before. I am not 100% sure, but I think there was a checkbox I had to enable to get it to work on the Fortigate. I have no idea what the checkbox was or if it was even for this server. I only mention it because I'm thinking that may be the case here and I'm just overlooking a setting/option that may be needed.

Has anyone setup a dedicated Empyrion server behind an OPNSense firewall? Does anyone have any tips, suggestions, or outright answers for this not working? Happy to provide any additional information if it is needed. Please keep in mind that I'm an OPNSense newbie, so if what you need is not in an obvious place, I may need some direction. Thanks in advance.

-Elryk

Title: Re: Port Forwarding/NAT One Works One Doesn't
Post by: Patrick M. Hausen on March 28, 2024, 08:27:13 pm

Does the server have the firewall as its default gateway?

Title: Re: Port Forwarding/NAT One Works One Doesn't
Post by: Elryk on March 28, 2024, 08:33:10 pm

Yes, and it sees the internet connection.