Friends outside the network cannot connect

Technical Support
,
1

OS Name/Version: UnRaid OS (6.12.6), Debian VM (12) headless

Product Name/Version: AMP (2.5.1.2) Palworld ()

Problem Description:
Cannot connect to instance using “PublicIP:Port”, attempting to results in a timeout error.
I can connect to the server locally using “LocalIP:Port” and port as listed in the instance. We have setup port forwarding on my router, see below.

image
image832×366 26.4 KB

I verified the instance is listening for these ports using “ampinstmgr ports Palworld01”
image
image835×230 48.4 KB

Troubleshooting resources:

Key take away: “If you’re connecting from outside your home network, you’ll need to use port forwarding on your router to forward the port AMP is running on to the servers internal IP address. Then you can navigate to your external IP on the same port. You can find out your external IP at https://whatismyip.com/
Initially I was handing out my local IP and hadn’t setup port forwarding, this was one of the initial troubleshooting steps I took. Now I’m using my PublicIP:Port.

  • Is the application running?
    Yes, the application is running
  • Is the application listening?
    Yes, see the above photo result of ampinstmgr ports Palworld01
  • Are the firewall rules correct?
    This is where I am unsure, Unraid doesn’t have any firewall built in as far as I am aware. The debian VM running on unraid is a minimal install. ampinstmgr dumpfirewall returns something to the effect of no firewall installed.

Steps to reproduce:

  • Step 1: Setup Instance
  • Step 2: Successfully connect via local network
  • Step 3: Have friends connect via public IP:port, timeout error
  • Step 4: Verify port forward, no dice.

Actions taken to resolve so far: Verify port forward, tested locally and publicly. tried installing on a windows machine as well, same problem. Read lots, phone IT friend. Scratch head. Everything seems to point to port forward issue but I have no idea if i am doing it wrong.

2

@CubeCoders-Bot could you take a look at this? My guess given that connecting from the internal IP work then it’s probably a port forwarding issue.

3

Okay, let’s see if we can untangle this mystery knot.

First thing’s first: Since you can connect to the server locally but not externally, it definitely sounds like a port forwarding problem. Let’s make sure the basics are all covered:

  1. Port Forwarding Setup: Double-check that your router has proper port forwarding rules. The ports listed by ampinstmgr ports Palworld01 need to be forwarded to the internal IP address of your Debian VM.

  2. Firewall Rules: Even though you mentioned UnRaid doesn’t have a built-in firewall, it’s worth triple-checking the Debian VM to ensure there’s no firewall blocking the ports. You can use ufw (Uncomplicated Firewall) on Debian to check this or simply disable it if you’re sure there aren’t other firewalls configured:

    • Check firewall status: sudo ufw status
    • Allow a specific port: sudo ufw allow <port>/tcp
    • Disable ufw: sudo ufw disable

  3. Router Settings: Some routers have extra settings under the port forwarding section, like making sure the device is assigned a static IP inside your local network and any specific “game” or “server” modes are on.

Give these a whirl and see if anything stands out. If it’s all clear and still no luck, we can dive deeper. Keep me posted!

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
4

I will double check the ufw when I get home

5

Awesome. Sounds like a plan. Also, while you’re at it, just confirm that the port numbers match exactly what ampinstmgr spits out and whatever you’ve put in the router’s forwarding rules.

Don’t forget to check if your Debian VM got a dynamic IP from your router. If it does, it can change, and your port forwarding will point to the wrong place next reboot. Assigning a static IP to your VM is a good move.

Let me know how it goes! :crossed_fingers:

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
6

The ufw command is not found
image

7

No worries, ufw might not be installed by default. You can install it easily or check if there are any other firewall rules in place. Here’s how to get it installed:

  1. Install ufw:

    sudo apt-get update
sudo apt-get install ufw

  2. Check and manage ufw:

    • To check the status after installation:
      sudo ufw status
    • To allow a port:
      sudo ufw allow <port>/tcp
    • To disable ufw:
      sudo ufw disable

If you’re not keen on installing ufw, you can also check for iptables rules directly:

sudo iptables -L

Let me know if that helps! :rocket:

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
8

Would installing UFW even help? if the issue is a firewall adding another one deosnt seem smart. Also iptables command is also not found.
image

9

You’re right; installing ufw would just be for managing firewall rules if one existed. If iptables isn’t found, it might not be installed either. Let’s handle this without adding extra layers for now.

Given that UnRaid and the Debian VM both don’t seem to have apparent firewall setups, it might be purely a port forwarding issue on your router. To make sure it’s not an ISP-side block or other router restrictions, try these steps:

  1. Verify Port Forwarding:

    • Double-check in your router’s settings that you’re forwarding the correct ports to the correct local IP of your Debian VM.
    • Ensure the forwarding protocol (TCP/UDP) matches what’s required by your game server.

  2. Static IP for VM:

    • Confirm your Debian VM has a static IP in your router settings. Sometimes reboots can mess up port forwarding if the IP changes.

  3. Check for ISP Restrictions:

    • Some ISPs block certain ports by default. To check, you can try using an online tool like canyouseeme.org to see if the port is accessible from outside.

  4. DMZ Option on Router:

    • As a temporary test, place your Debian VM in the DMZ (Demilitarized Zone) of your router settings, which will expose it to the internet.
      Warning: This exposes your VM to potential threats, so only do this temporarily for testing purposes.

If you’re still stuck after all that, let me know, and we can think of some other steps or tools to pinpoint the problem. Hang in there! :sweat_smile:

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
10

Use ampinstmgr dumpfirewallas root to see what AMP thinks the local firewall situation is. If there is no local firewall then things will indeed not work properly.

11

Alrighty, let’s go with Mike’s suggestion. Run the following as root on your Debian VM to see what AMP thinks about your firewall situation:

sudo ampinstmgr dumpfirewall

Post the output here as text so we can take a look at what AMP finds. This should help us understand what’s going on with any firewall settings or lack thereof. :clipboard:

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
12

Alright. I have finally got this working. The problem was the modem from the ISP. My router sits downstream from the modem, in bridge mode, but for whatever reason bridge mode doesn’t actually bridge unless you also turn off NAT manually. IDK why the default setting for bridge mode is double NAT and no pass through but this is centurylink at its finest.

13

Ah, the good ol’ double NAT trap! That explains everything. ISPs and their lovely quirks, eh? :sweat_smile:

Glad to hear you’ve got it working. Sometimes it’s those sneaky hidden settings that get you. If any other issues crop up, feel free to give us a shout. Happy gaming! :video_game::sparkles:

:robot: This post was produced by an AI controlled by CubeCoders Limited - Feedback
14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.