Cant get on server from internet

[Sensae]

I know it's a bit late but I'm running a server on Fedora Core 5. You have to tell the server to use the machine IP that the router gives it because that's how forwarding works. I can connect to my DS on a machine on the same network by connecting to it's LAN IP. When other people online want to play I give them my WAN, the router sees there's traffic on 27015 and the other ports used for HL2, and forwards the request to the server machine.

[Megahalo]

Was this ever fixed cause I have the exact same problem and still no solution.

[cryotek]

Are you connecting from you LAN IP?

[Megahalo]

Well let me post the long version after I get back from school.

Edit: Ok I'm back.

So basically, here it goes. I have run SRCDS servers on Windows many times before so I know my router, SRCDS, and basically everything when it comes to srcds on Windows. So I recently got upgraded to a business internet account and got a static IP so I decided to start back up my CSS server after about a 4 month break. I wanted to set up a "real" server and not just one that I run off my laptop because if I go anywhere I still want my server to be running. So I put my other much older laptop in a permanent place and set it up with Windows. Well this isn't any problem I can fix here, but I had used my CD key to many times and couldn't activate it. So I decided to try Linux since my friend really likes linux. So I installed Ubuntu 6.10 and everything works fine. I have a Linksys router (not wireless, wired) and have already DMZed my laptop (which runs on 192.168.1.102, which I keep checking every time I attempt to run the server to make sure it hasn't changed and it has never changed so I don't think thats a problem). I installed XAMPP (The Linux Webserver) and it works on port 80 (Normal HTTP port for those who don't know). Other people can get to my webserver. Now of course I'm trying to run my SRCDS on the exact same computer, but I can't figure out why it does not work. I have tried everything and it just keeps pissing me off more and more than I can not get it! If I try to run it on my static IP I get a could not allocate UDP port error which I now understand means I am not allowed to take an IP that the computer does not own because my router owns the IP. If I removed the +ip it works on 127.0.0.1. I told my friends to try and connect, but had no luck. I then tried on my DCHP address (192.168.1.102) and thought it might work. Again no luck. I can connect to my server on LAN by adding it to my favorites as 192.168.1.102:27015 and I can play it, but no one can get to it using my static IP. I tried tons of different ports, no luck. It is just really starting to piss me off because I know that the server is starting up because I can get to it on LAN! I decided to test running the SRCDS on my windows comp (LAN IP 192.168.1.100, with ports 0-65535 opened manually.). Well I study what my Windows version says my IP is and it says that the servers IP (that it uses) is 192.168.1.100, which is correct. And of course the Windows SRCDS works. That is why I don't get when I set my Linux one to 192.168.1.102 why no one can join. Even though all ports are opened. Well I said I would post the long version and I did so can someone help me now please .

[cryotek]

I'm going to have to say it sounds like ubuntu might have setup a linux firewall (IPtables i belive it is by default)

as root try running the following

Code:

iptables -F

that should completely flush iptables.

Once you run that see if someone can connect.

[Megahalo]

Flushed them, but still unable to connect.

I have two errors that come up when trying to run the server. Maybe they will provide insight into what is happening.

Code:

net.cpp (932) : Assertion Failed: 0 == iRet && iValLen == sizeof( iVal ) && cSendBufSize <= iVal
net.cpp (940) : Assertion Failed: 0 == iRet && iValLen == sizeof( iVal ) && cRecvBufSize <= iVal

[Megahalo]

Anyone? Anyone at all?

[Loganx1]

I have the Samee probleem!!!!
Server is working perfect on LAN but nobody can enter the server from the internet.
I have forwarded all the ports.. and I'm runnung it on Windows.

plzzz heelpppp uusss!!

P.S.

EDIT: soo if I Open 0-65535 ports it will work.. Yes?

P.S. Sorry for My english..

[neon89]

I can't see that this has been writen in this post before so... Here we go.

To me it looks like your having a problem with eighter your firewall (software in computer / ruter or hardware) or your port forwarding is incorect.

From:
http://portforward.com/english/routers/port_forwarding/routerindex.htm
You can find good toturials on how to forward your ports aswell as fix your firewall.

You might allso try using another port that 27015, I myself had some problem with that port (donno why). I changed the port to 26015 and it worked.

[amanisten]

Hi i cant connect to my server my brother is hosting it (we have router) when i try to join it have 2000 latency. :S

take a look at my screenshot\/

[amanisten]

Hey i can't get on my server in LAN.
It has 2000 latency
SCREENSHOT

[eet_1024]

Megahalo Wrote:If I try to run it on my static IP I get a could not allocate UDP port error which I now understand means I am not allowed to take an IP that the computer does not own because my router owns the IP.

That's one way of putting it. But first, a brief overview of Internet, LAN, and NAT (Network Address Translation).

WAN/Outside IP Address
When your ISP gives you an ethernet TCP/IP connection to the internet, possibly with PPPoE, your end of the wire will have one or more IP addresses, static or dynamic, assigned to it, by your ISP. The type and quantity of IP address depends on how much you pay your ISP. All packets traveling over that wire will have that IP address in it.

You can only have as many machines directly connected to you ISP connection as you have IP addresses from your ISP. But that's ok, most computers don't need a direct connection to the internet anyways.

LAN IP Address Assignment
When you set up a LAN, every computer must each have their own unique IP address; no sharing is possible. You can either assign them manually, static addresses, or setup a DHCP (Dynamic Host Configuration Protocol) server to manage IP address assignment.

Subnets
Also, only computers on the same subnet can communicate with each other. They should have the same subnet mask, to keep things simple. And the IP address octets, the numbers delimited by the dots, that are are in the same position as subnet mask octets of 255, must be identical on all machines.

Here are some examples:

Code:

Subnet_1 IP:    192.168.0/16
Subnet_1 Mask:    255.255.0.0
Computer_1 IP:    192.168.0.65
Computer_2 IP:    192.168.1.1
Computer_3 IP:    192.168.2.225
A computer with an IP that does not begin with 192.168
will not be able to directly communicate with Subnet_1


Subnet_2 IP:    10.0.0.0/24
Subnet_2 Mask:    255.255.255.0
Computer_1 IP:    10.0.0.3
Computer_2 IP:    10.0.0.4
A computer with an IP that does not begin with 10.0.0
will not be able to directly communicate with Subnet_2

Ports
When a computer accepts a packet with a matching destination address, it uses the port number to identify which service, the packet is for (e.g. HTTP, FTP, Echo, Source DS, etc.). Port numbers are denoted after the IP Address by a colon and number. Valid port numbers are 0 to 65535. Ports under 1024 assigned to well known services, such as port 21 for FTP.

Here are some example ports:

Code:

Echo    Port 7        Used by ping
HTTP    Port 80        8080 and other ports sometimes used
srcds    Port 27016    Just one of several

Internet Connection Sharing / IP Address Translation
A Network Address Translator does just that, it changes IP Addresses in packets matching certain requirements. A NAT takes packets originating on your LAN destined for the outside world, and forwards them to your ISP by changing the source address. It also takes packets returning from your ISP and translates them onto your LAN by changing the destination address.

As you can see, NAT provides a simple way of sharing one internet connection among several machines. But it will only do this for TCP/IP connections initiated from your LAN. Any new connections from the outside are ignored (e.i. firewalled off).

Port Forwarding
But their is good news. A mechanism called port forwarding allows you to punch holes in the firewall and bind those holes to machines on the LAN.

When the NAT receives a packet on a port that it's listening to, it will modify destination address, and possibly the port for more exotic configurations, of the packet and send the packet onto your LAN. A machine with the matching IP address listening to that port will receive and process that packet.

Putting it all together
To host a Source DS that can be access from the internet, you must:

1. Have a properly configured LAN
2. Forward you Internet Gateway's (router's) Ports to your DS, see below for which ports.
3. Access you server with your outside IP address
   

Goofy666 Wrote:[UDP] 1200 (used for Steam's Friends service)
[UDP] 27000 to 27015 (so that means all ports in between too)
[TCP] 27030 to 27039 (idem)
=> these are all Steam related ports
[UDP] 27015 and 27020 (default DS port, also used for HLTV)
[TCP] 27015 (you want to forward this for RCON access)
=> these ports are used by the dedicated server itself

Disclaimer
This is just a really brief overview that has skipped many details, such as transport protocols.

I know that this post is very late.

For a more in depth understanding, see TCP/IP model on Wikepedia

Megahalo Wrote:I installed XAMPP (The Linux Webserver) and it works on port 80 (Normal HTTP port for those who don't know). Other people can get to my webserver. Now of course I'm trying to run my SRCDS on the exact same computer, but I can't figure out why it does not work.

Being able to access (I'm assuming from the outside) the web server is a good sign.

Megahalo Wrote:I decided to test running the SRCDS on my windows comp (LAN IP 192.168.1.100, with ports 0-65535 opened manually.). Well I study what my Windows version says my IP is and it says that the servers IP (that it uses) is 192.168.1.100, which is correct. And of course the Windows SRCDS works.

I'm assuming that when you 'opened' the ports, you were configuring the firewall on the windows machine.

There still are a few reasons that I can think of for your Linux box not being accessible. Local firewall on server, not all ports forwarded on the router, or ports not forwarded to the correct computer.

Given all of the changes you have been making, I suspect that your ducks just haven't been lining up. For this to work, all of the following are required all at the same time:

1. Your friends have to use the IP address provided by your ISP.
2. Your router has to be configured to forward ALL of the required ports to the correct computer (192.168.1.102 in your case), with the correct protocol (UDP/TCP) specified (if your router filters on that).
3. Your server must have the correct ports opened (not firewalled) on it.
4. Finally, Source DS must be bound to the correct IP address, 127.0.0.1 (localhost, means 'this' computer) or the IP address of the interface that the packets will be arriving on (192.168.1.102 in your case).
   

If just one of those items is not perfect, it won't work.

Now, if you tripled checked everything, see this post: RE: Tried everything Have no idea whats wrong. It tells you how to check you're connectivity without a working Source DS.

[dillinger420]

ok, well I have the same problem with people not being able to connect from the internet to my linux (ubuntu 64) based server... however I am able to connect on the LAN to it... now all of the information that people have provided about port forwarding is great and good information to know and all but my server is running with DMZ so no forwarding of ports are required, I ran srcds on my windows machine and it works perfectly fine while under DMZ. I believe the issue lies within the OS it self. because if running it through windows works with DMZ and running through linux with DMZ does not then the only other thing I can think of is either the iptables and or ports on the machine its self not talking to the internet. Please someone find a solution soon because I really DO NOT want to reformat that machine and install windows on it just so I can host a CSS server.


the port information provided by some people has been great to know info but when using DMZ its not need to know or required.

or is it my command that is the problem??
./srcds_run -console -game cstrike +map fy_iceworld -maxplayers 16 -autoupdate +ip 192.168.1.128 -port 27015

[eet_1024]

DMZ is glorified port forwarding; it's just that ALL of the ports and protocols are forwarded. The same rules apply, you just don't have to provide specific ports and protocols.

Assuming that the firewall on the linux box is setup to allow all IP on your LAN to connect, and not just the one computer you connected with, your router should be able to connect with no problem.

Your command line for starting the server should be fine if you can connect with from your LAN.

Do you have your DMZ setup with the correct IP of your linux box?
If so, see this: RE: Tried everything Have no idea whats wrong.

There's a method for checking connectivity to a windows or linux server without using SrcDS.

[dillinger420]

yup I assigned a static ip of 192.168.1.128 to the box and had the router DMZ that exact IP, I believe its something I havent configured on the box its self that is causing the connectivity issue.