Issue with Operation Flashpoint Server
-
Hi guys, I've recently made the move to pfSense 1.2.3RC1 running on an ALIX 2C2 without any issues.
However, I'm not able to host my Operation Flashpoint server over the internet as I could previously on IPCop.
I've created NAT forwarding rules for the following ports to the server (Windows 2008 Standard without firewall service enabled):
2300-2400 TCP/UDP
2234 TCP/UDP
The relevant firewall rules were created automatically; however, the server is not accessible through the GameSpy master list or through direct IP (DynDNS hostname).
I've read up on the issue, and have also created an outbound NAT rule as I thought the issue may be down to the 'Static Port' problem.
I simply enabled Outbound Advanced NAT (AON) and then edited the default rule to pass any traffic. No dice.
NAT Reflection is disabled, and works perfectly for a number of websites I host, as I am able to access the sites via the external domain.
I'm open to any suggestions/diagnostics I can run to get this issue sorted.
Thanks in advance.
-
When you created the AoN rule, did you actually configure the AoN rule with the "static port" option?
-
Yep, I've tried simply ticking the 'Static Port' option on the default rule that is created and I've also tried creating a new outbound rule for the port OFP listens on (2302) and making sure it was moved to the top of the list.
It's a peculiar issue, as I'm able to port forward successfully for a Condor Soaring Server I host too, and the server is visible from the outside; everything also works for my Teamspeak 2 server.
I've enabled logging for all of the OFP rules I've created, and I can see from the logs that the traffic is allowed through from one of the GameSpy master servers to the internal IP of the server.
However, if I run ShieldsUP against any port in the 2300-2400 range it states the port is stealthed.
It would be nice to get this working properly, otherwise I'll probably have to stick to using PPTP/OpenVPN to allow the players to connect.
Any other ideas would be greatly appreciated :)
-
Double check that you are allowing the traffic in the firewall rules from any address and any source port. Run shields up on the ports you have forwarded and look at the firewall logs to see if anything is blocked.