Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to access with SSH

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 3 Posters 703 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      WhiteTiger-IT
      last edited by

      I have a server in DMZ, a PC on the LAN and a second PC that remotely connects using OpenVPN with a Road Warriors configuration.
      From the PC on the LAN I can access the server in DMZ both "web" and with SSH using putty and an access key.
      From the remote PC, with the same putty configuration and the same key, I cannot log in to the server using OpenVPN.
      Instead I can still launch a web application on the server.

      The OpenVPN rules are those created with the Wizard and therefore everything should be allowed to everywhere.

      OpenVPN-Rules.png

      bingo600B V 2 Replies Last reply Reply Quote 0
      • bingo600B
        bingo600 @WhiteTiger-IT
        last edited by

        @whitetiger-it
        Do you see a ssh login prompt, if trying without the key ?
        Is anything blocked in the log ?
        Have you made a capture ?

        If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

        1 Reply Last reply Reply Quote 0
        • V
          viragomann @WhiteTiger-IT
          last edited by

          @whitetiger-it said in Unable to access with SSH:

          From the remote PC

          Do you push the route to the VPN client (DMZ network in the "Local Networks" field)?

          Can you access any other device from the remote client?

          W 1 Reply Last reply Reply Quote 0
          • W
            WhiteTiger-IT @viragomann
            last edited by WhiteTiger-IT

            @viragomann
            I believe the problem is related to OpenVPN.
            Today the link SSH worked, but I lost it while I was working.
            From the log I see

            Nov 28 08:41:19	openvpn	46588	MyLoginName/MyRemoteIP:46059 [MyLoginName] Inactivity timeout (--ping-restart), restarting

            But I was working both on the pfSense dashboard and on a web panel of the server in DMZ.

            .
            Then I see many rows of this type, every 5-10 seconds.

            Nov 28 08:44:02	openvpn	46588	MyLoginNam/MyRemoteIP:45524 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2210 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

            Finally I would not want it to be related in some way to the problem I have already reported in this post; after starting the VPN connection, after about a minute I lose the ability to access the internet although I have configured the Outbound.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.