Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    pfSense interfering with ssh session to virtual machines?

    General pfSense Questions
    1
    3
    11
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hypernova last edited by

      Hi,

      Posting here because I'm not sure if this question should go under another section.

      Firstly, I am not 100 % sure this is a pfSense issue, I just have a hunch that it might be.

      Here is my situation: I have a server running some VMs. My ssh sessions to those VMs keep being terminated after a short period of time (a few seconds to a minute, approximatly).

      I have set options on server and client side such as Server/ClientAliveInterval/Count. These are ssh options to prevent the connection from terminating by sending a packet every <XYZ> interval time. (You are probably already aware.)

      I have never had a problem with ssh on my network until I recently started using pfSense.

      Here's what I know so far...

      From the state tables, I can see this, when I connect via ssh from my workstation to my server:

      df42e169-4920-4c10-bf7c-abaf49eaab3d-image.png

      Seems normal?

      This is what I see when I connect via ssh from my workstation to my VM, which runs inside the server:

      613e65d0-8e48-4b1a-8ee1-eb0e7cd07ee4-image.png

      I really don't know enough technical detail to interpret what this means, or what misconfiguration this might point to.

      Like I say, not 100 % sure it is a pfSense issue, only fairly confident.

      Here's some details about what I have setup on pfSense.

      1: Gateway to VMs it set as follows:

      53d372cb-02ca-4df9-8131-825b7a3c8342-image.png

      2: Static route to VMs is set as follows:

      39032c91-bbdb-4564-8bd3-0ed8ed73bcd1-image.png

      3: IP assignments:

      Workstation: 192.168.10.100

      Server (VM host): 192.168.10.101

      VMs: 192.168.100.184 (random DHCP address on the virtual network 192.168.100.0)

      I hope that is enough useful info to start with?

      What else should I check / look for to further diagnose this?

      1 Reply Last reply Reply Quote 0
      • H
        hypernova last edited by

        Oh, additionally here is the firewall info for LAN2:

        b90f5a0e-cfde-4801-bc48-6b6b3e42b862-image.png

        1 Reply Last reply Reply Quote 0
        • H
          hypernova last edited by hypernova

          Just trying to add as much potentially useful info here: Here's two traceroutes in both directions.

          Run on workstation: traceroute to VM

          traceroute to 192.168.100.184 (192.168.100.184), 30 hops max, 60 byte packets
 1  192.168.10.1 (192.168.10.1)  1.207 ms  1.173 ms  1.158 ms
 2  server.localdomain (192.168.10.101)  1.196 ms  1.199 ms  1.198 ms
 3  192.168.100.184 (192.168.100.184)  1.459 ms  1.473 ms  1.461 ms

          Run on VM: traceroute to workstation

          traceroute to 192.168.10.100 (192.168.10.100), 30 hops max, 60 byte packets
 1  192.168.100.1 (192.168.100.1)  0.154 ms  0.130 ms  0.117 ms
 2  workstation.localdomain (192.168.10.100)  1.105 ms  1.097 ms  1.085 ms
          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy