Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    game server connection issue

    Scheduled Pinned Locked Moved General pfSense Questions
    16 Posts 3 Posters 1.4k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      Pahtriac @stephenw10
      last edited by

      @stephenw10 Naamloos1.jpg Naamloos2.jpg Naamloos3.jpg

      P 1 Reply Last reply Reply Quote 0
      • P Offline
        Pahtriac @Pahtriac
        last edited by

        Naamloos4.jpg

        1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator @stephenw10
          last edited by

          @stephenw10 said in game server connection issue:

          And 10.10.2.122 is the game server?

          So, no, it's 10.10.2.9?

          @stephenw10 said in game server connection issue:

          Can we see the full firewall logs, not the reduced version in the dashboard widget.

          We need the full logs from Status > System Logs > Firewall

          The LAN rules are allowing everything so those blocked packets are probably just FIN-ACK or RST-ACK.
          https://docs.netgate.com/pfsense/en/latest/troubleshooting/log-filter-blocked.html#troubleshooting-blocked-log-entries-for-legitimate-connection-packets

          Steve

          P 1 Reply Last reply Reply Quote 1
          • P Offline
            Pahtriac @stephenw10
            last edited by

            Sorry for that yes it was 10.10.2.9, was very late for me.FWLOG1.txt

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by

              Ok, there are no blocked connections from the game server (10.10.2.9) shown there but there are some from .126:

              Sep 2 08:25:47	LAN	Default deny rule IPv4 (1000000103)	  10.10.2.126:50900	  172.217.168.195:443	TCP:FA
              Sep 2 08:25:47	LAN	Default deny rule IPv4 (1000000103)	  10.10.2.126:47250	  34.192.124.236:443	TCP:RA
              Sep 2 08:25:47	LAN	Default deny rule IPv4 (1000000103)	  10.10.2.126:47024	  44.241.61.161:443	TCP:RA
              Sep 2 08:25:47	LAN	Default deny rule IPv4 (1000000103)	  10.10.2.126:43556	  216.58.214.3:443	TCP:FA
              

              Those are as described in the linked doc above, TCP flagged FA and RA, so expected.

              If those port forwards are correct I would expect it to work. I note though that the rules on WAN to pass traffic to them show 0 states and almost no traffic. It looks like nothing has tried to connect.

              Steve

              P 1 Reply Last reply Reply Quote 0
              • P Offline
                Pahtriac @stephenw10
                last edited by

                @stephenw10 Sorry mate it make all no sense to me that if i run a game server on a machine this server should have the same IP as the machine it runs on and not get locked out on a bunch of ipv6 and a random IP that shows up, it is getting way to complicated for me, with flags that should not be there.
                If you have clear rules that state ANY with no exceptions al all actualy mean most rules with a few exceptions. (IMHO)

                Thanks for the help anyway.
                ill be switching back to the ISP modem that is less problematic for ppl like me.

                WKR
                Petrus

                1 Reply Last reply Reply Quote 0
                • stephenw10S Offline
                  stephenw10 Netgate Administrator
                  last edited by

                  Just to be clear, from what we have seen there is no problem here. The blocked traffic you are seeing in the firewall logs is expected, it's not actually blocking connections.
                  It just looks like nothing has tried to connect. How are you testing it?

                  Steve

                  P 1 Reply Last reply Reply Quote 0
                  • P Offline
                    Pahtriac @stephenw10
                    last edited by

                    i start the game server from console on the ubuntu server PC via VNC on my laptop then i go to steam and see if the server is online on the steam list and direct-IP list there it shows on the LAN part but not on the external list.Naamloos6.jpg

                    M 1 Reply Last reply Reply Quote 0
                    • M Offline
                      marvosa @Pahtriac
                      last edited by marvosa

                      @pahtriac According to the wiki, at least one contributing factor appears to be misconfigured port forwards:

                      a1793002-e151-41a7-91f0-3a637dea5d02-image.png

                      Ports 27003, 27020, and 27021 should be forwarded with UDP.

                      P 1 Reply Last reply Reply Quote 1
                      • stephenw10S Offline
                        stephenw10 Netgate Administrator
                        last edited by

                        Are you testing from a game client behind pfSense and trying to use the external IP?

                        That's not a good test if so and isn't expected to work by default. That would explain why the rules showed zero states.

                        You should test from a remote public IP. If you really need that to work internally though you can enable NAT reflection:
                        https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html

                        But you should not need that and you should be aware that it's not actually testing the port forward.

                        Steve

                        P 1 Reply Last reply Reply Quote 0
                        • P Offline
                          Pahtriac @marvosa
                          last edited by

                          @marvosa good that you saw that that was to see if it would have worked with tcp and forgot to put them back to udp.
                          i can show you that even with the correct protocols it still does not work. :(

                          1 Reply Last reply Reply Quote 0
                          • P Offline
                            Pahtriac @stephenw10
                            last edited by

                            @stephenw10 i can see this aswell by browsing tru the steam server lists. it is not showing there where it did when i was using my ISP modem/router aswell the WAN side of the game client direct IP connection was showing green then.

                            P 1 Reply Last reply Reply Quote 0
                            • P Offline
                              Pahtriac @Pahtriac
                              last edited by

                              i hooked up my laptop's wifi to my cellphone and tried to get connection to the server my ISP's IP was still unreachable

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator
                                last edited by

                                Do you see states/traffic on the port forward WAN firewall rules when you try to connect?

                                Or you can enable logging on those rules connections using them will show in the firewall log as passed.

                                Steve

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.