[ssh connection broke]



  • Hi,

    First of all, thanks for your very nice work around the pfsense project.
    I have searched the forum and didn't find anything about this.

    I use the latest pfsense 1RC2.
    My problem is:

    When I have an ssh session from [station] to [sshd server] with setup 1 (using pfsense as a router),
    and when there is a lot of output on my terminal (with a "find / -type f" for example) or if I do an scp between [station] and [sshd server],
    the ssh connection breaks.

    There are no problems with setup 2.

    What do you think about that? How can I fix the problem?

    1 - setup 1 :

    -local lan: 10.0.0.0/16
    [ station ] -------------> [ pfsense ]
    10.0.1.XX                  10.0.1.1
                                    |
                                    |
                               [ VPN gateway ] ----(own wan link)----> ( remote network ) ---> [ sshd server ]
                               10.0.1.10                               10.2.0.0/16              10.2.2.2

    2 - setup 2:

    -local lan: 10.0.0.0/16
    [ station ]                [ pfsense ]
    10.0.1.XX
        |
        |
         \------------------>  [ VPN gateway ] ----(own wan link)----> ( remote network ) ---> [ sshd server ]
                               10.0.1.10                               10.2.0.0/16              10.2.2.2

    regards,
    ronan.



  • If I get this right, the station is sitting at LAN and you have a static route at LAN pointing to the tunnel gateway for the remote subnet of the sshd server. In that case there is an option at system>advanced that you should turn on:

    static route filtering:


    This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where multiple subnets are connected to the same interface.
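
The situation the option text describes, checked against the addresses of setup 1, as an added example that is not part of the original posts. The interface names, the `opt1` network, the gateway netmask, the stand-in station address 10.0.1.50 and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed from setup 1 in the thread. Assumptions: interface names, the
# "opt1" network (added for contrast), and the gateway using the LAN /16 mask.
FIREWALL_IFACES = {
    "lan": ipaddress.ip_interface("10.0.1.1/16"),
    "opt1": ipaddress.ip_interface("192.168.5.1/24"),
}
STATIC_ROUTES = [
    {"dest": ipaddress.ip_network("10.2.0.0/16"),
     "gateway": ipaddress.ip_interface("10.0.1.10/16")},
]


def iface_for(addr):
    """Name of the firewall interface whose subnet contains addr, or None."""
    for name, iface in FIREWALL_IFACES.items():
        if addr in iface.network:
            return name
    return None


def lookup_route(dst):
    """Longest-prefix match of dst against the static routes, or None."""
    hits = [r for r in STATIC_ROUTES if dst in r["dest"]]
    return max(hits, key=lambda r: r["dest"].prefixlen, default=None)


def analyse_flow(client, server):
    """Describe how a client -> server flow crosses the firewall."""
    client, server = ipaddress.ip_address(client), ipaddress.ip_address(server)
    route = lookup_route(server)
    if route is None:
        return None  # no static route involved
    ingress = iface_for(client)
    egress = iface_for(route["gateway"].ip)
    return {
        "ingress": ingress,
        "egress": egress,
        # Traffic enters and leaves through the same interface: the case the
        # option text describes.
        "same_interface": ingress is not None and ingress == egress,
        # The gateway answers hosts in its own subnet directly, so the
        # firewall only sees the client -> server half of the connection.
        "reply_bypasses_firewall": client in route["gateway"].network,
    }


if __name__ == "__main__":
    for src in ("10.0.1.50", "192.168.5.20"):  # 10.0.1.50 stands in for 10.0.1.XX
        print(src, analyse_flow(src, "10.2.2.2"))
```

A flow that reports `same_interface` as true is one the static route filtering option would exempt from firewall checks.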



  • Yes, it works fine with this option activated.

    Thanks !

    regards,
    ronan.

