Jump to content

Server and Client same network with strange NAT behavior.


yourmate
 Share

Recommended Posts

I'm unable to connect to a server on the same network as the client using the in game server menu. I believe this is also preventing me from transferring to another server in the cluster.

So far I have found 2 workarounds, joining from an external network using a mobile data connection and with the console command "open Localip:Port?Password".

Ark is trying to connect using the servers public ip and the response from the server is coming back to the client from a local ip, could this cause ark to ignore the response? 

1890896881_Screenshot2024-09-28144406.png.c349437588185425f700a4916bc86fed.png

Link to comment
Share on other sites

12 hours ago, yourmate said:

I believe I have NAT Loopback set correctly. The above image shows a packet capture on the client. The server is responding to client, just not from the public ip, which I think is causing ark to ignore it.

404468490_Screenshot2024-09-28184530.png.b4393204a1d3fd0b8acc4965859705b6.png721822899_Screenshot2024-09-28184608.png.30b3bc8635beffbdf147c6cb3bb40864.png

Theorically, NAT loopback should rewrite the headers of the packets so in a wireshark taken from the client you should see connections to and from the public IP. You shouldnt be seeing the lan server address.

Isnt there other NAT reflection modes in your router? (apart from Pure NAT)

Link to comment
Share on other sites

Thanks arkark! You where correct. There was still a NAT Reflection setting that i hadn't enabled. After reading the doc's closer I discovered that I needed to "Enable automatic outbound NAT for Reflection"

https://docs.netgate.com/pfsense/en/latest/nat/reflection.html858153758_Screenshot2024-09-29092057.png.aec15a0f090b7c4bb5713ae123b907e5.png

 

Now the traffic looks like what I am expecting and I can connect with the in game server menu.
1746496835_Screenshot2024-09-29092202.png.4e90e0ce8a7a1ede640c144a44c43414.png

Link to comment
Share on other sites

13 hours ago, yourmate said:

Thanks arkark! You where correct. There was still a NAT Reflection setting that i hadn't enabled. After reading the doc's closer I discovered that I needed to "Enable automatic outbound NAT for Reflection"

https://docs.netgate.com/pfsense/en/latest/nat/reflection.html858153758_Screenshot2024-09-29092057.png.aec15a0f090b7c4bb5713ae123b907e5.png

 

Now the traffic looks like what I am expecting and I can connect with the in game server menu.
1746496835_Screenshot2024-09-29092202.png.4e90e0ce8a7a1ede640c144a44c43414.png

Nice! That last image shows how a complete NAT loopback would looks like. The previous mode you had enabled was cheaper (in router CPU usage as it does less packet header rewriting) but modern applications tend to detect that as a security problem (due to a mismatch in the packet srcaddr header) and will not work.

Edited by arkark
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...