Sons of the Forest Port Forwarding Guide
For players to connect to your Sons of the Forest dedicated server — and for the server to appear in the public browser — specific ports must be open on your router and firewall. Missing or misconfigured ports are the single most common cause of "server not showing up" and "connection refused" errors. This guide walks through every required port and shows you how to verify they are open.
🔌 Required Ports Reference
Sons of the Forest uses a cluster of UDP ports. All three must be open for the server to function correctly in both LAN and public mode.
🏠 Home vs VPS Hosting
On a home network, ports are forwarded on your router. On a VPS/dedicated machine, ports are opened in the OS firewall (ufw/iptables on Linux, Windows Firewall on Windows).
Required Ports
| Port | Protocol | Purpose |
|---|---|---|
| 8766 | UDP | LAN/Steam P2P discovery port |
| 27016 | UDP | Main game port — player connections |
| 27017 | UDP | Steam query port — server browser listing |
If you changed the port values in dedicatedserver.cfg (via GamePort, QueryPort, or LanServerPort), forward the matching custom values instead.
Step 1: Router Port Forwarding (Home Networks Only)
- Open your router admin panel — typically at
192.168.1.1or192.168.0.1 - Navigate to Port Forwarding (sometimes under Advanced → NAT)
- Create three UDP rules, each pointing to your server PC's local IP address:
External Port → Internal IP → Internal Port → Protocol
8766 → 192.168.1.x (server) → 8766 → UDP
27016 → 192.168.1.x → 27016 → UDP
27017 → 192.168.1.x → 27017 → UDPReplace 192.168.1.x with your server machine's actual LAN IP. Find it by running ipconfig (Windows) or hostname -I (Linux).
Step 2: OS Firewall Rules
Linux (UFW):
sudo ufw allow 8766/udp
sudo ufw allow 27016/udp
sudo ufw allow 27017/udp
sudo ufw reload
sudo ufw statusLinux (iptables):
iptables -A INPUT -p udp --dport 8766 -j ACCEPT
iptables -A INPUT -p udp --dport 27016 -j ACCEPT
iptables -A INPUT -p udp --dport 27017 -j ACCEPTWindows (PowerShell as Administrator):
New-NetFirewallRule -DisplayName "SOTF Game Port" -Direction Inbound -Protocol UDP -LocalPort 27016 -Action Allow
New-NetFirewallRule -DisplayName "SOTF Query Port" -Direction Inbound -Protocol UDP -LocalPort 27017 -Action Allow
New-NetFirewallRule -DisplayName "SOTF LAN Port" -Direction Inbound -Protocol UDP -LocalPort 8766 -Action AllowStep 3: Verify Ports Are Open
Use an online port checker such as YouGetSignal or nmap from another machine:
# From another machine on a different network:
nmap -sU -p 8766,27016,27017 [your-public-IP]
# Expected output for open ports:
PORT STATE SERVICE
8766/udp open unknown
27016/udp open unknown
27017/udp open unknownTroubleshooting: Server Still Not Visible
- Server shows to LAN players but not publicly: Port forwarding is missing on the router — the OS firewall alone is not enough on a home network
- Rules added but ports still closed: Your ISP may block incoming UDP on these ranges — contact them or switch to a VPS
- Double NAT: If your ISP provides a modem/router combo AND you have your own router, you are double-NATed. Forward ports on both devices, or put your inner router in the modem's DMZ
- Server behind Cloudflare / proxy: UDP game ports can't be proxied — the server must be reachable on its raw public IP
Static LAN IP: Ensure your server machine has a static (non-DHCP) local IP address so router forwarding rules always point to the correct device. Assign a static IP in your router's DHCP reservation table using the server's MAC address.
Professional Hosting
Skip port forwarding entirely. Host your Sons of the Forest server with Supercraft on our datacenter hardware where all ports are pre-configured and no router setup is required.