Unreal Tournament 2004 Server



  • Has anyone successfully setup and Unreal Tournament 2004 server behind a pfSense NAT firewall?

    I forwarded ports:
    7777-7778 UDP
    7787-7788 UDP
    28902 TCP
    Allowed all ICMP

    to my unreal server but I cannot connect from WAN. I used to have this same problem on my SOHO router and I remember you had to select "Allow Anonymous WAN requests" in order for it to work.



  • Make sure you have the correct rules under the WAN interface to allow this traffic to your internal IP.



  • When I forwarded the ports I checked the box to add the rules to the firewall automatically. I double checked the LAN IP.



  • I think you may be missing a port, 42292, otherwise it is something with your configuration. With the right NATs/Rules there is no other reason why a UT server would not be accessible. Watch your logs for denied incoming packets and that should help you debug what you need open.

    http://portforward.com/cports.htm



  • Maybe you need some static ports for this to work (search the forum for "static port"). Another option might be turning on miniupnp though I'm not sure if the game supports upnp. Give it a try. If it does it should show some mapped ports at the miniupnp status page.



  • I really appreciate all the help I am getting.

    I added 42292 to the my forwards and rules, no change.
    I already have miniupnpd installed, and I don't believe UT supports UPnP.

    A few questions:
    How do I view my NAT table over SSH?
    Where can I see my denied incoming packets?



  • status>systemlogs, firewall tab. Clicking on the icons in front of the line will tell you what rule triggered the block. The easiest way to show your NATs is from the webgui at diagnostics>states.



  • Well I forwarded ports 1-65535 to my unreal server and no dice. Something else is causing this problem.

    Quick question on static ports. Do SOHO routers do static ports by default? This was working on my linksys.

    It this point I'm stumped. Maybe I'll try to change my WAN IP, maybe the master server flagged my IP for some reason.



  • @LawnMowerGuy1:

    Well I forwarded ports 1-65535 to my unreal server and no dice. Something else is causing this problem.

    Quick question on static ports. Do SOHO routers do static ports by default? This was working on my linksys.

    It this point I'm stumped. Maybe I'll try to change my WAN IP, maybe the master server flagged my IP for some reason.

    I am not sure what could prevent it from working now when it did work on your Linksys. The only thing I can think of is that something is configured improperly. If you want you can PM me a copy of your NATs and Firewall Rules, and I will take a look at your them to see if anything is incorrect.



  • I sent you a PM.



  • Your NATs and rules look ok. Are you running Snort?



  • Not running snort.



  • Is anything coming up in your logs when you try to connect?



  • In my firewall log I have a bunch of these:

    BLOCKED WAN  207.38.8.16:1111  MyIP:7800  UDP

    I click the red X and get this:
    @73 pass in quick on xl0 inet proto tcp from any port =ftp-data to (xl0:1) port > 49000 user =62 flags S/SA keep state label "FTP PROXY: PASV mode data connection"

    207.28.8.16 belongs to GameSpy Industries ICI-GAMESPY-3. GameSpy is a UT affiliate, it seems I shouldn't be blocking this traffic.

    This might be the culprit right here.



  • Still can't figure out why this isn't working…..



  • How are you testing to see if the server is working or not?



  • I enabled reflection and I try to connect from the WAN IP.



  • If possible, test your nats and firewall rules from outside the firewall. Looks like we might still have some bugs with UDP reflection.

    http://forum.pfsense.org/index.php/topic,2202.0.html



  • hmm that could be it, are any of the snapshots any better?



  • Just wondering. With all the ports that you have opened originally, were other people able to connect to your server from the Internet? Have a friend see if they can see your server listed in the UT2004 browser.
    If they can and they are able to connect to it, then just try connecting to your INTERNAL IP address and the correct port from your client. I occasionally run game servers and am able to host to Internet clients and play using my LAN IP for my server.
    I haven't run a server in a while, but I was running both Quake 4 and a UT2004 server with pretty much just the UDP client ports open. I know the only issue I was having with UT2004 was the "ping" would show up as "n/a" in the master browser list for UT2004. Other than that, people were able to connect no problem.

    Hope this helps



  • I am just going to mention this to make sure its covered, but make sure that you do not have the option to create NAT reflect disabled. You can find this option under System>Advanced, down on the bottom under NAT. Make sure you do not have this checkbox checked, if you want to be able to enter your public IP on your LAN side.


Log in to reply