kyle_b's profile

Visitor

 • 

10 Messages

Thursday, August 24th, 2023 2:21 PM

Closed

Server Test Hosting Question

I am stuck not being sure what I am doing wrong here, so I will spell out my steps to see if anyone can spot the issue:

1. Download and configure server software successfully. Server runs fine and is accessible using local IP and port. 
2. Set up port forwarding for required port range on router.
3. Set up firewall rules on server PC to allow access to ports.

The end result should be that my server title should show up in the server browser hosted online and be accessible to others with proper password credentials, but it is not there. All the various YouTube and web page tutorials show this whole process to be straight forward, but for some reason I cannot get it to work.

Is there some software or steps to test things along the chain to see where it is failing? Or perhaps I can flash a different OS to the router? I'm guessing the router OS would violate Xfinity rules, but I'm curious.

Visitor

 • 

10 Messages

2 years ago

Update: using this site - https://www.portcheckers.com/ I find that the ports that are showing as forwarded in the Xfinity app are NOT forwarded when checked! 

So the question is: why is the router reporting the ports as forwarded when the actuality is they are not. Is it the range I chose instead of opening each port number individually?

Problem Solver

 • 

1.5K Messages

@kylebellamy​  Port forwarding on Xfinity gateways is a bit problematic in general.  You've got the Yugo of networking gear.  For it to work, people say you can't use a static assigned IP address for the target machine, you need to be in the DHCP pool.  Then if you can see the target machine in the app, you can forward a port, provided the port isn't in the blocked list:  https://www.xfinity.com/support/articles/list-of-blocked-ports  I don't know if it does port ranges or not.  I don't use their gear. 

It's also unclear when you change something in the phone app, how that gets communicated to your gateway, and when exactly that happens.  You've supposedly changed something in a remote database on their end.  But then, when does that get to you?  Unknown.  You might try pulling the power cord on the gateway after you make the change in the phone app, wait a minute to wipe out memory in the gateway, then plug it back in.  Perhaps the config on the gateway will contact the remote database and update when it reconnects and it will work.  If you search this forum, you'll see lots of port forwarding issues.  Maybe there is a better way, or someone else will chime in.

Cheap Advice?

Now in general, blowing holes in your firewall, and pointing the entire world directly to an application running on a box no matter what the OS is, without anything mitigating inbound connections, and exposing everything on your network on a single subnet?  Well that's just not a very good idea.  If that application is compromised, you've exposed your entire network.  I'd be careful with that kind of thing.  Better, would be to isolate such a thing on it's own subnet.  

If it's just you and some friends, perhaps better, would be to just open up a single port, and run and OpenVPN or Wireguard server (free).  So are the clients.  You control the accounts.  Then they can VPN and login to your box running the server, you can isolate access just to that box, and they can get to the application you are running.  The benefit there is that if anyone else in the world doesn't have an encrypted key and account, they can't even talk to the open port.  It will offer you some protection.  Both are well documented with tutorials.  

Visitor

 • 

10 Messages

Thanks for the information. The server is extremely limited to just friends, so the firewall messing around was mostly to test where the issue might be. The reason for the port spread which is just 2302-2305 is that the server uses them for connection for users but also to connect to Steam to verify users as well as check file versions for updates. 

Will try the hard reboot to see if that helps as that is something I hadn't thought to try but makes sense in retrospect. I'd love to just replace the router with my own, but not financially comfortable at present, so not going to do that. 

Problem Solver

 • 

1.5K Messages

@kylebellamy​  Wireguard is probably the more simple one to setup for that.  It's UDP protocol.  

A port check will fail for the wireguard server even if the port is open and the server is running because the port check doesn't have the encryption key :)

You can verify the server works by using wireguard client on a phone using cell service when you have it setup, then try your app that way.  You can also spin up a temporary web server on your box to if you have to just for a sanity check, to see if you can get to that with your phone when VPN connected or something like that.  

Visitor

 • 

10 Messages

2 years ago

Update: The port is definitely not forwarding. Confirmed a bunch of ways just to be certain. It shows as forwarded in the Xfinity app only and nowhere else from what I can see. 

Items checked:
Bitdefender Firewall rules (also turned all firewalls off just to be sure)

forum icon

New to the Community?

Start Here