Unturned Dedicated Server Port Foward Help through VPN gateway

augentism · February 19, 2023, 9:05pm

Hello all, I am trying to setup a dedicated server and I believe that I am having issues forwarding ports necessary to connect to the server form the internet.

Currently, my setup consists of a VPN server that is acting as my “router” or gateway to the wider internet, and a laptop server permanently connected to said vpn that does the actual hosting.

I have a range of ports already forwarded (25565-25600) and I have verified that they work and are forwarded by running a different server on those ports and checking canyouseeme.org. (three guesses as tho what i tested with, and the first two don’t count)

I have decided to try and run an Unturned server on those ports since they were already forwarded and setup. This is what my iptables rules look like at the gateway:

root@server:~# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     udp  --  anywhere             anywhere             udp dpt:1369
2    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:25565
3    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:1368
4    ACCEPT     udp  --  anywhere             anywhere             udp dpt:25565
5    ACCEPT     udp  --  anywhere             anywhere             udp multiport dports 25566:25600
6    ACCEPT     tcp  --  anywhere             anywhere             tcp multiport dports 25566:25600

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
2    ACCEPT     all  --  10.8.0.0/24          anywhere
3    ACCEPT     tcp  --  anywhere             10.8.0.2             tcp dpt:25565
4    ACCEPT     tcp  --  anywhere             10.8.0.2             tcp dpt:1368 state NEW,RELATED,ESTABLISHED
5    ACCEPT     udp  --  anywhere             10.8.0.2             udp dpt:25565
6    ACCEPT     tcp  --  anywhere             10.8.0.2             multiport dports 25566:25600 state NEW,RELATED,ESTABLISHED
7    ACCEPT     udp  --  anywhere             10.8.0.2             multiport dports 25566:25600 state NEW,RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
root@server:~# iptables -t nat -L --line-numbers
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    DNAT       tcp  --  anywhere             anywhere             tcp dpt:25565 to:10.8.0.2
2    DNAT       tcp  --  anywhere             anywhere             tcp dpt:25565 to:10.8.0.2:25565
3    DNAT       tcp  --  anywhere             anywhere             tcp dpt:1368 to:10.8.0.2:22
4    DNAT       udp  --  anywhere             anywhere             multiport dports 25566:25600 to:10.8.0.2
5    DNAT       tcp  --  anywhere             anywhere             multiport dports 25566:25600 to:10.8.0.2

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    SNAT       all  --  10.8.0.0/24         !10.8.0.0/24          to:[serverip]

I understand that Unturned needs 3? ports. unturned.info has conflicting information saying that it needs 3 ports but only telling me to forward 2 of them.

On the server end I have configured Commands.dat to use the different ports I have assigned. This is what my Commands.dat looks like:

Map Germany
Port 25565
GSLT [GSLT I have]
Password [password]
MaxPlayers 80
Name server

By all appearances, this seems to work. I launch the server using:
./ServerHelper.sh +InternetServer/MyServer
and when I try to connect using the ““local”” ip while connected to the vpn, it works. If i put in 10.8.0.2 for the ip and 25565 for the port i can connect to the server.

But when I try to connect using the external ip, it doesnt work. canyouseeme.org does not detect a server running on any ports within the range with error: Connection Refused.

The ports definitely work. I can see other servers running on the same ports on that machine throught eh external IP. But when shut those servers down and run the Unturned server instead it does not work.

The server is running on Ubuntu 22.04.2 LTS and connecting to the gateway through OpenVPN

Any help is appreciated

Thanks,
Augentism

MoltonMontro · February 20, 2023, 12:32am

If you suspect that the server isn’t bound to the right IP address, you could try adding the bind [IP Address] command to your Commands.dat. Although for a vast majority of players/cases, this shouldn’t be necessary.

unturned.info is an unofficial fork of our official documentation. As a result, it’s more likely to be outdated. For our official documentation, you’d want to go here instead: Unturned-Docs/ServerHosting.md at old-markdown-archive · SmartlyDressedGames/Unturned-Docs · GitHub

Unturned only needs two ports. By default, that’s 27015 and 27016.

What’s the error message you receive from in-game, when attempting to join?

augentism · February 20, 2023, 2:37am

I managed to fix it. The solution was using the default ports instead of the custom ports. I added the following iptables rules to accomodate using the default ports:

-A FORWARD -d 10.8.0.2/32 -p udp -m multiport --dports 27015:27016 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
and
-t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 27015:27016 -j DNAT --to-destination 10.8.0.2

.
.
.

I did try to get the custom port to work but I ran into the following issues:

The error message I receive In game when trying to connect is “Failed to find a server”

Binding to an ip address didn’t work, nor do I really understand what it does. Trying to bind it to my external ip (The ip of the vpn server) throws the following error:

CAppInfoCacheReadFromDiskThread took 1 milliseconds to initialize
CreateBoundSocket: ::bind to port 25565 returned error EADDRNOTAVAIL(99)
Setting up 6 worker threads for Enlighten.
  Thread -> id: 7fbec1579640 -> priority: 1
  Thread -> id: 7fbec0d78640 -> priority: 1
  Thread -> id: 7fbe2ffff640 -> priority: 1
  Thread -> id: 7fbe2f7fe640 -> priority: 1
  Thread -> id: 7fbe2effd640 -> priority: 1
  Thread -> id: 7fbe2e7fc640 -> priority: 1
CreateBoundSocket: ::bind to port 0 returned error EADDRNOTAVAIL(99)
src/tier1/fileio.cpp (5164) : m_vecRegisteredWriters.Count() == 0
src/tier1/fileio.cpp (5164) : m_vecRegisteredWriters.Count() == 0

To troubleshoot this I checked to see if those ports were in use so i ran sudo lsof -i -P -n in 2 different conditions to troubleshoot.

lsof output with server running and no bind command:

[sudo] password for augentism:
COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-n   835 systemd-network   15u  IPv4  72900      0t0  UDP 10.0.1.245:68
systemd-r   837 systemd-resolve   13u  IPv4  24976      0t0  UDP 127.0.0.53:53
systemd-r   837 systemd-resolve   14u  IPv4  24977      0t0  TCP 127.0.0.53:53 (LISTEN)
avahi-dae   851           avahi   12u  IPv4  25017      0t0  UDP *:5353
avahi-dae   851           avahi   13u  IPv6  25018      0t0  UDP *:5353
avahi-dae   851           avahi   14u  IPv4  25019      0t0  UDP *:46547
avahi-dae   851           avahi   15u  IPv6  25020      0t0  UDP *:40643
openvpn     929            root    5u  IPv4  34700      0t0  UDP *:53691
sshd        994            root    3u  IPv4  32113      0t0  TCP *:22 (LISTEN)
sshd        994            root    4u  IPv6  32115      0t0  TCP *:22 (LISTEN)
cupsd     11126            root    7u  IPv4  69088      0t0  TCP *:631 (LISTEN)
cupsd     11126            root    8u  IPv6  69089      0t0  TCP *:631 (LISTEN)
cups-brow 11129            root    7u  IPv4  70212      0t0  UDP *:631
sshd      11628            root    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      11709       augentism    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      12048            root    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)
sshd      12106       augentism    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)
Unturned_ 12129           steam   25u  IPv4  74988      0t0  UDP *:25565
Unturned_ 12129           steam   26u  IPv4  66373      0t0  UDP *:33844
Unturned_ 12129           steam   29u  IPv6  75898      0t0  UDP *:25566
Unturned_ 12129           steam   34u  IPv4  74997      0t0  TCP 10.8.0.2:39903->162.254.199.181:27020 (ESTABLISHED)```

lsof without server running:

```augentism@augentism-laptop:~$ sudo lsof -i -P -n
COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-n   835 systemd-network   15u  IPv4  72900      0t0  UDP 10.0.1.245:68
systemd-r   837 systemd-resolve   13u  IPv4  24976      0t0  UDP 127.0.0.53:53
systemd-r   837 systemd-resolve   14u  IPv4  24977      0t0  TCP 127.0.0.53:53 (LISTEN)
avahi-dae   851           avahi   12u  IPv4  25017      0t0  UDP *:5353
avahi-dae   851           avahi   13u  IPv6  25018      0t0  UDP *:5353
avahi-dae   851           avahi   14u  IPv4  25019      0t0  UDP *:46547
avahi-dae   851           avahi   15u  IPv6  25020      0t0  UDP *:40643
openvpn     929            root    5u  IPv4  34700      0t0  UDP *:53691
sshd        994            root    3u  IPv4  32113      0t0  TCP *:22 (LISTEN)
sshd        994            root    4u  IPv6  32115      0t0  TCP *:22 (LISTEN)
cupsd     11126            root    7u  IPv4  69088      0t0  TCP *:631 (LISTEN)
cupsd     11126            root    8u  IPv6  69089      0t0  TCP *:631 (LISTEN)
cups-brow 11129            root    7u  IPv4  70212      0t0  UDP *:631
sshd      11628            root    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      11709       augentism    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      12048            root    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)
sshd      12106       augentism    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)```

lsof when i got it working using the default ports:
```augentism@augentism-laptop:~$ sudo lsof -i -P -n
COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-n   835 systemd-network   15u  IPv4  72900      0t0  UDP 10.0.1.245:68
systemd-r   837 systemd-resolve   13u  IPv4  24976      0t0  UDP 127.0.0.53:53
systemd-r   837 systemd-resolve   14u  IPv4  24977      0t0  TCP 127.0.0.53:53 (LISTEN)
avahi-dae   851           avahi   12u  IPv4  25017      0t0  UDP *:5353
avahi-dae   851           avahi   13u  IPv6  25018      0t0  UDP *:5353
avahi-dae   851           avahi   14u  IPv4  25019      0t0  UDP *:46547
avahi-dae   851           avahi   15u  IPv6  25020      0t0  UDP *:40643
openvpn     929            root    5u  IPv4  34700      0t0  UDP *:53691
sshd        994            root    3u  IPv4  32113      0t0  TCP *:22 (LISTEN)
sshd        994            root    4u  IPv6  32115      0t0  TCP *:22 (LISTEN)
cupsd     11126            root    7u  IPv4  69088      0t0  TCP *:631 (LISTEN)
cupsd     11126            root    8u  IPv6  69089      0t0  TCP *:631 (LISTEN)
cups-brow 11129            root    7u  IPv4  70212      0t0  UDP *:631
sshd      11628            root    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      11709       augentism    4u  IPv4  72154      0t0  TCP 10.8.0.2:22->10.8.0.3:54355 (ESTABLISHED)
sshd      12048            root    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)
sshd      12106       augentism    4u  IPv4  69467      0t0  TCP 10.8.0.2:22->10.8.0.3:57966 (ESTABLISHED)
Unturned_ 12391           steam    3u  IPv4  72198      0t0  UDP *:53938
Unturned_ 12391           steam   24u  IPv4  75043      0t0  TCP 10.8.0.2:51557->184.27.80.39:443 (ESTABLISHED)
Unturned_ 12391           steam   25u  IPv4  71467      0t0  UDP *:27015
Unturned_ 12391           steam   26u  IPv4  72207      0t0  UDP *:57495
Unturned_ 12391           steam   28u  IPv4  71482      0t0  TCP 10.8.0.2:60118->51.195.88.133:27035 (ESTABLISHED)
Unturned_ 12391           steam   29u  IPv6  72208      0t0  UDP *:27016
Unturned_ 12391           steam   33u  IPv4  71472      0t0  TCP 10.8.0.2:50267->162.254.192.74:27037 (ESTABLISHED)

I am curious to know why the default ports worked where the custom ones don’t, as it seems like its just some number changes on the port, but if we dont know why, then ¯\_(ツ)_/¯

Thanks,
Augentism

finspace · February 21, 2023, 2:32pm

If you are attempting to port forward for an Unturned dedicated server through a VPN gateway, it may be more complicated than a typical port forwarding setup. Some VPN services have features to help with this, such as “port forwarding” or “VPN passthrough” options. It is recommended to check the VPN provider’s documentation or support resources to see if they offer such features. Alternatively, you may need to configure the VPN gateway to allow the necessary ports for the Unturned server.

system · March 7, 2023, 2:32pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.