0 votes
1,291 views 2 comments
by anonymous
Hi,

I have configured a "shared key" OpenVPN connection between my RUT955 (OpenVPN Client) and a pfSense (OpenVPN Server).

The OpenVPN connection is OK. The OpenVPN Client status on the RUT955 says it is connected. The same I can see on the pfSense OpenVPN server.

Through the OpenVPN tunnel I can:

- ping the hosts on the pfSense local network from the RUT955 terminal

- ping the RUT955 lan IP (which I have configured as part of the remote IPV4 network on the pfSense) from the hosts on the pfSense local network:

XXXXX$ ping 172.16.1.1
PING 172.16.1.1 (172.16.1.1): 56 data bytes
64 bytes from 172.16.1.1: icmp_seq=0 ttl=63 time=112.193 ms
64 bytes from 172.16.1.1: icmp_seq=1 ttl=63 time=111.766 ms
64 bytes from 172.16.1.1: icmp_seq=2 ttl=63 time=127.243 ms
64 bytes from 172.16.1.1: icmp_seq=3 ttl=63 time=130.442 ms
64 bytes from 172.16.1.1: icmp_seq=4 ttl=63 time=119.298 ms

But when I try to login via SSH through the VPN tunnel, it hangs after some steps, specifically on the "Local version string SSH-2.0-OpenSSH_7.6" message, like below:

XXXXXX$ ssh -v root@172.16.1.1
OpenSSH_7.6p1, LibreSSL 2.6.2
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to 172.16.1.1 port 22.
debug1: Connection established.
debug1: identity file /Users/giovannitusa/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/giovannitusa/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6

I've read on the Internet something related to the MTU, but I'm not sure what kind of modifications I can try, or to DNS queries (to what I do not understand).

I've also changed the general firewall rule "Forward" from reject to accept, without luck.

Do you have any suggestion on how to solve this problem?

1 Answer

0 votes
by anonymous

Hi,

Is 172.16.1.1 the router LAN IP? If yes, can you reach the router WebUI using IP 172.16.1.1?

by anonymous
Hi,

yes, 172.16.1.1 is the router LAN IP.

I have actually the same problem when trying to access the WebUI using the VPN channel.

Without VPN (therefore when linked to the RUT955 LAN, which is also configured as Access Point) both WebUI and ssh access work, of course. In VPN, only ping works.

Thank you.
by anonymous
Any hint / idea?

I've checked firewall rules on both sides and they seem OK.

I may be wrong but I also think, should it be something related to the firewall, the ping should not work as well.

Thanks,
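
The question mentions MTU as a possible cause, and the pings shown carry only 56 data bytes. As an added example (not part of the thread and not Teltonika or pfSense code), this script binary-searches for the largest don't-fragment ping that crosses the tunnel and reports the resulting path MTU and TCP MSS. It assumes it is run on a Linux or macOS/FreeBSD host on the pfSense side; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: measure the usable path MTU through the VPN tunnel.

# probe HOST PAYLOAD: exit 0 if one echo request with the don't-fragment
# bit set and PAYLOAD data bytes gets a reply.
probe() {
    case "$(uname -s)" in
        Linux) ping -c 1 -W 2 -M do -s "$2" "$1" >/dev/null 2>&1 ;;
        *)     ping -c 1 -t 2 -D -s "$2" "$1" >/dev/null 2>&1 ;;  # macOS / FreeBSD
    esac
}

# find_path_mtu HOST [MAX_MTU]: print the path MTU in bytes.
# Returns 1 if even the small probe gets no reply.
find_path_mtu() {
    host=$1
    max=${2:-1500}
    lo=56                 # payload size of the pings that work in the thread
    hi=$((max - 28))      # 20-byte IPv4 header + 8-byte ICMP header
    probe "$host" "$lo" || return 1
    if probe "$host" "$hi"; then
        echo "$max"
        return 0
    fi
    # Invariant: payload lo is answered, payload hi is not.
    while [ $((hi - lo)) -gt 1 ]; do
        mid=$(( (lo + hi) / 2 ))
        if probe "$host" "$mid"; then lo=$mid; else hi=$mid; fi
    done
    echo $((lo + 28))
}

# tcp_mss MTU: largest TCP payload per segment (20 IPv4 + 20 TCP, no options).
tcp_mss() { echo $(( $1 - 40 )); }

# Usage: sh pathmtu.sh 172.16.1.1
if [ -n "${1:-}" ]; then
    mtu=$(find_path_mtu "$1") || { echo "no reply to small DF probe" >&2; exit 1; }
    echo "path MTU to $1: $mtu bytes (TCP MSS $(tcp_mss "$mtu"))"
fi
```

A result below 1500 means full-size TCP segments do not fit through the tunnel unfragmented, while small pings still do.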