1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

384.12 can no longer RDP through ssh tunnel

Discussion in 'Asuswrt-Merlin' started by VanillaXtract, Jun 24, 2019.

  1. VanillaXtract

    VanillaXtract Occasional Visitor

    Joined:
    Sep 27, 2014
    Messages:
    25
    While at work, I typically use PuTTY to connect to my home network. In PuTTY, I have a couple of tunnels established to RDP into my home machines. With 384.12 (and the beta), this no longer works. I can establish the ssh tunnel, but RDP fails to connect. Rolling back to 384.11 fixes the issue. Any ideas on what changed to break this functionality?
     
  2. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,593
    Did something change on the work network?
     
  3. martinr

    martinr Part of the Furniture

    Joined:
    Nov 27, 2014
    Messages:
    2,051
    Location:
    United Kingdom
    You won’t get into trouble doing that, will you? I’m just thinking if, heavens forbid, you suffer a data breach at work, and the network admins start going through the logs with a fine tooth-comb, you’re won’t get hauled over the coals, will you, as a possible suspect for the point of entry?




    From the excellent SSH Mastery by Michael W Lucas:

    "As a user, the ability to tunnel arbitrary traffic over SSH does not mean you should. If your organization's security policy forbids port forwarding or tunneling, don't do it. If the policy says "use the Web proxy and stay off IRC," then listen. I am not responsible if you use these techniques and are reprimanded, terminated, or exterminated. (Even if we IT security officers are all petty tinpot despots who don't understand your very personaland deeply urgent need for IRCand Google+.)"
     
    Last edited: Jun 24, 2019
    QuikSilver, royarcher and L&LD like this.
  4. martinr

    martinr Part of the Furniture

    Joined:
    Nov 27, 2014
    Messages:
    2,051
    Location:
    United Kingdom
    Try temporarily turning on logging in Putty and the have a look in the log. You should get a good idea from that where the problem is.
     
    Makaveli and L&LD like this.
  5. VanillaXtract

    VanillaXtract Occasional Visitor

    Joined:
    Sep 27, 2014
    Messages:
    25
    Nothing has changed. The behavior is specific to the new build of the firmware (and the betas for that matter).

    No, I won't. I guess I am doing precisely what Master Lucas is saying not to do. I do it merely because I can. Thank you for this.

    For the sake of curiosity, I will do this because I would like to know what behavior change has occurred.
     
    martinr likes this.
  6. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    873
    How is your tunnel setup to make the hop to the RDP machine? By IP or hostname? 384.12 changed how the router resolves hostnames for itself. By default, the router won't know how to resolve local hostnames within your LAN. See Tools - Other Settings "Wan: Use local caching DNS server as system resolver (default: No)".
     
    QuikSilver likes this.
  7. martinr

    martinr Part of the Furniture

    Joined:
    Nov 27, 2014
    Messages:
    2,051
    Location:
    United Kingdom
    Please do let us know the outcome; we’re as keen as you to know where the problem lies.