[SOLVED] Port Forwarding Not Working for Raspberry Pi Server

[GreyGoldFish]

Hello, I'm currently attempting to port forward port 25565 to set up my Minecraft server running on a Raspberry Pi 3 Model B+, but no matter what I do, port checker tools such as canyouseeme.org always report the port as closed, and I've confirmed that external connections can't resolve the hostname of the server.

My setup is as follows, a Nokia G-240W-F router/modem provided by my ISP connected to the internet, which in turn is connected to the WAN port of a D-Link DIR-615 T1 router. My Pi is connected by LAN on port 2 of the Nokia router, which is on route mode (port 3 doesn't work, it's on bridge mode and I can't change it).

The firewall is disabled on both routers, and UPnP is enabled on both.

I've tried connecting the server to the D-Link router and port forwarding on both routers, but that also didn't work.

I called my ISP, they said that they don't block any ports and that I'd have to call my own specialist to resolve my issue (I also confirmed that I have a dynamic IP, so I configured DDNS with no-ip).

Any help would be greatly appreciated.

 

[bill001g]

If you think you have set everything up correctly then you have to start to suspect the raspberry.

Although kinda messy you could load wireshark onto a pc and then hook it up in place of the raspberry. The PC will not respond to the port checking tools but you will see the request come into the machine if the port forwarding is correctly setup.

 

[GreyGoldFish]

If you think you have set everything up correctly then you have to start to suspect the raspberry.

Although kinda messy you could load wireshark onto a pc and then hook it up in place of the raspberry. The PC will not respond to the port checking tools but you will see the request come into the machine if the port forwarding is correctly setup.

Thank you for your reply!

I believe everything is set up correctly, yes, but I'm not sure what could be wrong with the Pi... it's running Raspbian Lite, and runs a Paper Minecraft server at boot. I looked into it before and added the port 25565 to the firewall, so it should be working.

What is this Wireshark? I only have a Linux laptop, does it run on that?

 

[bill001g]

Almost all linux come with a command called tcpdump pre installed. You can load wireshark on linux it uses the tcpdump command to actually collect the data.

 

[GreyGoldFish]

Almost all linux come with a command called tcpdump pre installed. You can load wireshark on linux it uses the tcpdump command to actually collect the data.

I installed Wireshark, but couldn't figure out how to use it.

While I was researching Wireshark, I found out about the nmap command, so I changed the port forward to my laptop instead, then tried to nmap on my local ip, which said that the port is closed.

$ nmap -p 25565 192.168.1.68
Starting Nmap 7.80 ( [url=https://nmap.org]https://nmap.org[/url] ) at 2019-09-10 14:26 -03
Nmap scan report for 192.168.1.68
Host is up (0.000081s latency).

PORT      STATE  SERVICE
25565/tcp closed minecraft

Nmap done: 1 IP address (1 host up) scanned in 6.77 seconds

Here's a screenshot of my port forwarding settings:

https://imgur.com/a/KZTQbdj

View: https://imgur.com/a/KZTQbdj

 

[bill001g]

Most people do not have nmap but since you do its a good way to test. It will of course be closed if you test against your PC since you do not have the service running.

What you want to do is run nmap against the IP the raspberry pi is using and make sure you have the minecraft server running. You do not even have to set the port forwarding because the traffic is going lan-lan.

I am not sure about your router it should have a dmz option. That tends to be a good way to test when you are not sure if you have the syntax of port forwarding rules correct. Still your port forwarding is pretty simple you have the same port number on the wan and the lan.

 

[GreyGoldFish]

Most people do not have nmap but since you do its a good way to test. It will of course be closed if you test against your PC since you do not have the service running.

What you want to do is run nmap against the IP the raspberry pi is using and make sure you have the minecraft server running. You do not even have to set the port forwarding because the traffic is going lan-lan.

I am not sure about your router it should have a dmz option. That tends to be a good way to test when you are not sure if you have the syntax of port forwarding rules correct. Still your port forwarding is pretty simple you have the same port number on the wan and the lan.

I ran nmap on the Pi and it says that the service is running.

$ nmap -p 25565 192.168.1.193
Starting Nmap 7.70 ( [url=https://nmap.org]https://nmap.org[/url] ) at 2019-09-10 20:47 BST
Nmap scan report for 192.168.1.193
Host is up (0.00041s latency).

PORT      STATE SERVICE
25565/tcp open  minecraft

Nmap done: 1 IP address (1 host up) scanned in 6.75 seconds

 

[bill001g]

Then you must have some kind of issue with the port forwarding.

Before you get real far are you sure you have a public ip address. You should be able to see the ip someplace in your router for your wan port. This ip much match the ip you see on port scanners or sites like whatsmyip.

I would use the DMZ option in your router and point it to the raspberry device. DMZ tends to be simpler to configure because all you have to get correct is the ip address. It is not a secure long term solution but it means it then only a matter of figuring out how your router does port forwarding.

 

[GreyGoldFish]

Then you must have some kind of issue with the port forwarding.

Before you get real far are you sure you have a public ip address. You should be able to see the ip someplace in your router for your wan port. This ip much match the ip you see on port scanners or sites like whatsmyip.

I would use the DMZ option in your router and point it to the raspberry device. DMZ tends to be simpler to configure because all you have to get correct is the ip address. It is not a secure long term solution but it means it then only a matter of figuring out how your router does port forwarding.

Thank you so much for following me through with this.

I turned the DMZ option on and pointed it towards the Pi.

I checked my router and its WAN IPv4 address is 100.65.##.###, then I checked whatsmyip.com and it said that my IP address is 172.68.##.## .

 

[failboat]

I ran nmap on the Pi and it says that the service is running.

$ nmap -p 25565 192.168.1.193
Starting Nmap 7.70 ( [url=https://nmap.org]https://nmap.org[/url] ) at 2019-09-10 20:47 BST
Nmap scan report for 192.168.1.193
Host is up (0.00041s latency).

PORT      STATE SERVICE
25565/tcp open  minecraft

Nmap done: 1 IP address (1 host up) scanned in 6.75 seconds

You need to scan it from another pc. can you connect to it while on lan? you may have a firewall running.
iptables -A INPUT -p TCP --dport 25565 -j ACCEPT
then check that it worked with below
iptables -L

To add this in at boot you need a bash file saved down in /etc the common file name is rc.local with 755 root:root on this file.

#!/bin/bash
<<commands>>
<<commands>>
exit 0

 

[GreyGoldFish]

You need to scan it from another pc. can you connect to it while on lan? you may have a firewall running.
iptables -A INPUT -p TCP --dport 25565 -j ACCEPT
then check that it worked with below
iptables -L

To add this in at boot you need a bash file saved down in /etc the common file name is rc.local with 755 root:root on this file.

#!/bin/bash
<<commands>>
<<commands>>
exit 0

Thank you for your reply.

I tried this, but the server is still unreachable for external connections.

 

[failboat]

Thank you for your reply.

I tried this, but the server is still unreachable for external connections.

Looking back at what you raid your ip looks to be inside the carrier grade nat block which means your isp would also have to port forward which is not likely to happen. you need to reach out to them to see if you can get a static. I would recommend not hosting this anyway and pay for hosting.
100.64.0.0/10