Hosting minecraft server through vpn?

[slop_me]

I host a minecraft server at home it runs on ubuntu 18. I'm trying to pass all the traffic through another server so I don't have to use my home ip with the minecraft server. I have a Vultr server to pass all the traffic through I can't find any documentation of someone else doing this online so I'm kinda dead in the water right now. If anyone has documentation that would be useful a link would be greatly appreciated thank you for taking the time to read.

[Guest]

12 minutes ago, slop_me said:

I host a minecraft server at home it runs on ubuntu 18. I'm trying to pass all the traffic through another server so I don't have to use my home ip with the minecraft server. I have a Vultr server to pass all the traffic through I can't find any documentation of someone else doing this online so I'm kinda dead in the water right now. If anyone has documentation that would be useful a link would be greatly appreciated thank you for taking the time to read.

I think "Networking" would be a better place to post this

[slop_me]

3 minutes ago, OddGreyFox211 said:

I think "Networking" would be a better place to post this

I shall post it there I don't see a way to move or delete this thread.

[Guest]

17 minutes ago, slop_me said:

I host a minecraft server at home it runs on ubuntu 18. I'm trying to pass all the traffic through another server so I don't have to use my home ip with the minecraft server. I have a Vultr server to pass all the traffic through I can't find any documentation of someone else doing this online so I'm kinda dead in the water right now. If anyone has documentation that would be useful a link would be greatly appreciated thank you for taking the time to read.

and what you're looking for is port forwarding I belief. Mind you I have no clue about network stuff though

[GDRRiley]

why not just use a DNS service so your users type in a name?

[slop_me]

Just now, GDRRiley said:

why not just use a DNS service so your users type in a name?

I do have a dns. I just still don't want the dns pointed at my home ip

[Windows7ge]

In theory this should work. Pritunl would allow everyone connected to the VPN to access the minecraft server via the IP assigned by the VPN.

[Slottr]

-Merged-

 

Please only post once

[slop_me]

3 minutes ago, Slottr said:

-Merged-

 

Please only post once

Thank you was trying to delete the other one

 

[Windows7ge]

Are you running into a particular problem or are you just not sure how to set it up?

[slop_me]

25 minutes ago, Windows7ge said:

Are you running into a particular problem or are you just not sure how to set it up?

I think it's more of setting it up I have connected my home minecraft server to the pritunl and opened up the ports required for the server on the vultr server but it just says connection refused so I'm not sure where to go from here

[Windows7ge]

Are trying to connect to the VPS via it's IP or are you joining the VPN hosted on the VPS? If you're just connecting directly to the VPS it doesn't know what to do with your incoming connection.

 

One option you can try doing and this may work is enabling Inter-Client Communication on the VPS:

 

 

Also enable Allow Multiple Clients. Join the VPN then try connecting to the Minecraft server using the IP assigned by Pritunl.

 

I've not hosted a minecraft server in a long time. You may have to tell the server to broadcast on the VPN network and to listen for incoming connections if it doesn't broadcast on all available interfaces by default.

 

I have confidence this should work if your goal was just to access it from outside your house via it's IP and setting up a Static Route but this is definitely a little different. It should still be possible though.

[slop_me]

33 minutes ago, Windows7ge said:

Are trying to connect to the VPS via it's IP or are you joining the VPN hosted on the VPS? If you're just connecting directly to the VPS it doesn't know what to do with your incoming connection.

 

One option you can try doing and this may work is enabling Inter-Client Communication on the VPS:

 

 

Also enable Allow Multiple Clients. Join the VPN then try connecting to the Minecraft server using the IP assigned by Pritunl.

 

I've not hosted a minecraft server in a long time. You may have to tell the server to broadcast on the VPN network and to listen for incoming connections if it doesn't broadcast on all available interfaces by default.

 

I have confidence this should work if your goal was just to access it from outside your house via it's IP and setting up a Static Route but this is definitely a little different. It should still be possible though.

I have tried everything you have said and even triple checked that my Vultr server was listening on port 25565 but it still refuses connection with everything setup as you have suggested above

[slop_me]

I have made some sort of progress I can connect to the MC server if I connect both my home pc to the VPN and the server to the VPN. Which now makes me extra confused why I can't connect when I'm on my home network all the ports are open to the internet.

[Windows7ge]

1 minute ago, slop_me said:

I have made some sort of progress I can connect to the MC server if I connect both my home pc to the VPN and the server to the VPN. Which now makes me extra confused why I can't connect when I'm on my home network all the ports are open to the internet.

When you attempt to connect while on your home network are you connecting to the MC server using your Public IP?

[slop_me]

1 minute ago, Windows7ge said:

When you attempt to connect while on your home network are you connecting to the MC server using your Public IP?

I'm trying to connect to the mc server using the Vultr public ip.

[Windows7ge]

2 minutes ago, slop_me said:

I'm trying to connect to the mc server using the Vultr public ip.

Well, the reason would be nothing is linking the two processes together. There is no route to the MC server IP except over the VPN. If you aren't connected to the VPN the VPS can't link your requests to the MC server.

 

An analogy might be imagine two people in the same building but in different rooms and the hallway is the VPN. The two processes can't talk to one another without it.

 

As I mentioned before if you were hosting the VPS on your home network you could configure a static route to your MC server. This way it wouldn't have to run the VPN Client. It may be possible to link the VPS VPN to a VPN on your LAN (Site-to-Site) but Pritunl I believe charges you for that right.

[slop_me]

14 minutes ago, Windows7ge said:

Well, the reason would be nothing is linking the two processes together. There is no route to the MC server IP except over the VPN. If you aren't connected to the VPN the VPS can't link your requests to the MC server.

 

An analogy might be imagine two people in the same building but in different rooms and the hallway is the VPN. The two processes can't talk to one another without it.

 

As I mentioned before if you were hosting the VPS on your home network you could configure a static route to your MC server. This way it wouldn't have to run the VPN Client. It may be possible to link the VPS VPN to a VPN on your LAN (Site-to-Site) but Pritunl I believe charges you for that right.

Hmmm... This is turning into way more hassle than I expected lol. Now I just need to find someway to make the vps talk to the vpn at least that's what I got from what you said. I also don't think pritunl charges for anything as far as I thought they were completely free

I don't even need to do this by vpn that's not a requirement so if anyone has a better way of doing this I would be more than willing to try suggestions at this point lol going on 6 hours of trying different things now

[Windows7ge]

4 minutes ago, slop_me said:

Hmmm... This is turning into way more hassle than I expected lol. Now I just need to find someway to make the vps talk to the vpn at least that's what I got from what you said. I also don't think pritunl charges for anything as far as I thought they were completely free

Well. The immediate problem would be that there's no route going between the VPN network and the Public IP of the VPS. You can configure Static Routes but I don't know if it would allow connections going into the VPN or if it would only allow connections going out.

 

They have a subscription plan you can sign up for. It unlocks more features of the VPN service such as linking multiple VPN servers (Site-to-Site).

[slop_me]

6 minutes ago, Windows7ge said:

Well. The immediate problem would be that there's no route going between the VPN network and the Public IP of the VPS. You can configure Static Routes but I don't know if it would allow connections going into the VPN or if it would only allow connections going out.

 

They have a subscription plan you can sign up for. It unlocks more features of the VPN service such as linking multiple VPN servers (Site-to-Site).

Ah okay I didn't know they had a subscription. Do you know of any other way other than a VPN that I could pass the Minecraft server through the VPS? I'm not to familar with how I would configure static routs going to and from the VPN. I'll admit that's probably above me

[Windows7ge]

1 minute ago, slop_me said:

Ah okay. Do you know of any other way other than a VPN that I could pass the Minecraft server through the VPS? I'm not to familar with how I would configure static routs going to and from the VPN. I'll admit that's probably above me

I have my Pritunl server setup in a Client-to-Site configuration. It does appear the server can ping devices on the VPN. This means it should be possible for the VPS to connect to the MC server.

 

What you need is something to forward your request to your MC VPN IP from the Public IP of the VPS.

 

Unfortunately I don't know what to achieve that. You basically need the VPS to behave like a router. This would enable people not connected to the VPN to access the MC server on the VPN.

[slop_me]

11 minutes ago, Windows7ge said:

I have my Pritunl server setup in a Client-to-Site configuration. It does appear the server can ping devices on the VPN. This means it should be possible for the VPS to connect to the MC server.

 

What you need is something to forward your request to your MC VPN IP from the Public IP of the VPS.

 

Unfortunately I don't know what to achieve that. You basically need the VPS to behave like a router. This would enable people not connected to the VPN to access the MC server on the VPN.

Greatly appreciate all the help I will have to pick up this tomorrow it's getting rather late and I'm just going to end up bashing my head on my keyboard if I keep up on this in the late hours

[Alex Atkin UK]

I don't think you need a VPN to do this, if I'm recalling correctly.

 

On the VPS I think you should be able to port forward from its public IP address to your home IP address.  Anyone connecting only sees the VPS IP.

I'm not sure this is 100% leak proof, but then I'm not sure the VPN is either.

Either way I think you need to enable ip forwarding on the VPS, or it can't NAT the packets to make them appear to come from a different IP.

[slop_me]

20 minutes ago, Alex Atkin UK said:

I don't think you need a VPN to do this, if I'm recalling correctly.

 

On the VPS I think you should be able to port forward from its public IP address to your home IP address.  Anyone connecting only sees the VPS IP.

I'm not sure this is 100% leak proof, but then I'm not sure the VPN is either.

Either way I think you need to enable ip forwarding on the VPS, or it can't NAT the packets to make them appear to come from a different IP.

Could you possibly provide documentation on how this is done greatly appreciated if you could :D ? I'm going to be blunt I'm not too sure how to word that into google lol

[Alex Atkin UK]

2 hours ago, slop_me said:

Could you possibly provide documentation on how this is done greatly appreciated if you could ? I'm going to be blunt I'm not too sure how to word that into google lol

If the VPS is Linux based I think its something like this:

sysctl net.ipv4.ip_forward=1

server_ip="x.x.x.x"
home_ip="y.y.y.y"
server_port=25565
home_port=25565


iptables -A PREROUTING  -t nat -p tcp -m tcp -d $server_ip --dport $server_port -j DNAT --to-destination $home_ip:$home_port
iptables -A PREROUTING  -t nat -p udp -m udp -d $server_ip --dport $server_port -j DNAT --to-destination $home_ip:$home_port
iptables -A FORWARD -m state -p tcp -d $home_ip --dport $home_port --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state -p udp -d $home_ip --dport $home_port --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -p tcp -m tcp -s $home_ip --sport $home_port -j SNAT --to-source $server_ip
iptables -A POSTROUTING -t nat -p udp -m udp -s $home_ip --sport $home_port -j SNAT --to-source $server_ip

Where obviously you need to specify your VPS server and home IP addresses instead of the x.x.x.x and y.y.y.y.

 

If I still had my Minecraft server installed I would have tested it.

 

Obviously you still need to have the port forwarded via your router at home too to your local server to let the redirected traffic in, that's "the catch" in that its still accessible from the Internet on your home IP if someone knows it.