OPNsense Forum
Archive => 21.7 Legacy Series => Topic started by: Mencius on September 27, 2021, 01:29:36 pm
-
Hello all
I am trying to host an old game server (UT2004) to play with a few friends but I cannot get the port forwarding to work. The game server needs UDP ports 7777, 7778, 7787 and TCP port 28902. I have researched this thoroughly and set it up as best I can but I am a beginner (relatively) and I am struggling to understand why it won't work.
I believe my interfaces are simple. I have 1xLAN and 1xWAN interface. I am using IPV6 and IPV4. WAN is by DHCPV4 and DHCPV6. The IPV6 WAN is track interface with the LAN DHCPV6 server also running. The IPV4 LAN is just 192.168.1.0/24, no other subnets, VLANS or anything else. I am also running the UPNP plugin.
I have made no changes to the default firewall rules.
I wish to forward traffic to a LAN PC which is 192.168.1.6. My port forward rule and aliases are in the attached screenshots of the same name. I enabled "reflection for port forwards" and "automatic outbound NAT reflection". When creating the port forward rule I chose the "add associated filter rule" option and there is a linked rule present in the firewall WAN rules.
However, my game server is unreachable, nobody can connect.
Did I misconfigure something? Can I provide any other information that would help determine what is wrong?
I would be very grateful for any help or suggestions.
-
Did you “Apply” after creating the aliases?
-
Hi, thanks for the reply. Yep, I applied and saved as I went.
-
Can’t see anything obviously wrong with your config. Have you checked the logs to see if traffic is flowing (with logging enabled for the port forward obviously)? Maybe it’s a firewall issue on the PC?
-
Thanks very much for looking at the settings. I haven't tried logging yet but it's great to know there's nothing glaringly wrong with my setup as I wasn't sure if I'd done it right.
I can move on to troubleshooting the client and the application then and see if logging gives any insights.
There are so many gremlins trying to get old software like this to work so it might be a few things....
-
I wanted to add a post for anyone who may read this thread while troubleshooting something similar.
While I haven't tested to see if this is solved I think I found the problem.
I did not realise that with my ISP I am behind carrier grade NAT. For beginners like me the way you can tell whether you are behind cg-nat or not is to check your IP address (ipv4 for me) in the router and then check your public IP address (Google what's my ip or similar). If they are different you may be behind cg-nat and despite your best efforts you may have trouble hosting things like old game servers. Fortunately I can call my ISP and opt out of cg-nat which I will do when their customer service is open later today.
Anyway, just an important thing to check in troubleshooting that I had overlooked. IPv6 is I guess the long term solution and my ISP are great in offering early support for it but I'm not sure IPv6 will help me host a 2004 era ipv4 game server!
-
LOL. Yes, CG-NAT (or even just port blocking) by your ISP will break home hosting unless other measures are implemented, such as VPN tunnelling or straight IPv6. You can generally tell if you are on CG-NAT if the IPv4 address on your router’s WAN interface is in the range 100.64.0.0/10
-
Hi Mencius,
Do you want to try the option pass in Filter rule association field? See if that helps? I also found this message (https://forum.opnsense.org/index.php?topic=6320.msg26844#msg26844) which solved it for me.
To recap there are 2 avenues by which it works for me.
1. Use pass in Filter rule association
2. Use associated/unassociated but you would have to also tick "Disable reply-to on WAN rules" in Firewall -> Settings -> Advanced
Cheers
-
Most of the time, when I failed to connect to an older game server, it was something about the server's IP address or my PC.
I am not an expert, but I hacked most of the games I had issues with because I could not find any means to buy such old games back then. I didn’t have a Steam account, and my only way was to download those games from torrents. I know it’s not the most ethically approved way, but I barely had any choice. I am also grateful to the Guided Hacking Forum (https://guidedhacking.com) for the help in hacking multiple games and apps. They had really good guides and manuals on what you have to do in one or another case.