Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 40 subscribers
  • Views 1950 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Minecraft port forward through DNAT

Kevin Neureuter

Hello,

I have searched the forums to see if there was anything to help with this but I have not seen anything.

I created a DNAT through Server Access Assistant to try and reach a Minecraft server on my network.

Firewall Rule:

NAT Rules:

I have tried with loopback and reflexive enabled and disabled, no dice.

Packet Capture:

TCPDump:

Please let me know if you can help.



This thread was automatically locked due to age.
Parents
  • +1

    Hello!

    Looking at tcdump It shows you're trying to connect to the Minecraft Server through a Local IPv4 Address.

    But the Firewall Policy is allowing only IPv4 Adresses from the WAN Zone.

    If you want to be able to access the server from both WAN & LAN, you need to first edit the Firewall Policy to allow traffic from both LAN & WAN.

    Also, edit the Firewall & NAT Policies name, and give It a better one. (For ease-of-use purposes.)

    EDIT: There's no need for a reflexive NAT, you already have a MASQ NAT in place.

    Thanks!

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Reply
  • +1

    Hello!

    Looking at tcdump It shows you're trying to connect to the Minecraft Server through a Local IPv4 Address.

    But the Firewall Policy is allowing only IPv4 Adresses from the WAN Zone.

    If you want to be able to access the server from both WAN & LAN, you need to first edit the Firewall Policy to allow traffic from both LAN & WAN.

    Also, edit the Firewall & NAT Policies name, and give It a better one. (For ease-of-use purposes.)

    EDIT: There's no need for a reflexive NAT, you already have a MASQ NAT in place.

    Thanks!

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

Children
  • +1 in reply to Prism

    Good evening Prism!

    Thank you for your help.  I changed the Firewall Policy to allow that, but that didn't help.  I then changed it to "Any" instead of just "WAN" and "LAN", still no dice.

    I deleted the reflexive NAT and turned on Loopback NAT again, and it worked!

    Thank you for the advice on the naming, I did change them to be simpler.

Unfiltered HTML