| 1 |
On 9/18/22 1:26 AM, n952162 wrote: |
| 2 |
> I want to ssh over my openvpn connection, and I can't do it, the |
| 3 |
> connection times out. |
| 4 |
|
| 5 |
IMHO the first, second, and third thing to try when OpenSSH clients fail |
| 6 |
for some reason is `-v`, `-v -v`, and `-v -v -v` in your ssh command(s). |
| 7 |
|
| 8 |
That will almost always give you some sort of indication of the next |
| 9 |
place to start looking. |
| 10 |
|
| 11 |
That being said, -- assuming routing is good -- I would also question an |
| 12 |
MTU issue. The symptoms of this are OpenSSH establishes the TCP |
| 13 |
connection that carries the data and starts negotiating the SSH protocol |
| 14 |
but fails part way through and starts timing out when big packets are |
| 15 |
sent but never make it to the other end. |
| 16 |
|
| 17 |
As Michael alluded to, trying to SSH from the local gateway to the |
| 18 |
remote gateway can be a little tricky to configure as there can be a |
| 19 |
couple of source IPs (local inside & local outside) as well as a couple |
| 20 |
of destination IPs (remote outside & remote inside). Tunnels usually |
| 21 |
cover local inside communicating with remote inside but fail to account |
| 22 |
for any outside addresses. -- N.B. this can usually be addressed with |
| 23 |
a judicious route statement that specifies which source address to use. |
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
-- |
| 28 |
Grant. . . . |
| 29 |
unix || die |
Archives