Menu
What's new
By:
Filters Better Search

Route SSH through VPN Client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

T

Torson

Senior Member
The big picture: 2 Asus routers - AC86U local and AX56U remote. Each router has a small (32GB) SSD attached to the USB 3 port.
I backup a small number of files to each router from their local networks. I run rsync (installed from Entware) through a cron job to backup remote files to the local router's storage.

That works well, but on the remote router on the Administration -> System tab I have SSH enabled on both the LAN and WAN interfaces.
On the local router VPN Client 4 connects to the OpenVPN server running on the remote router

What I'm trying to achieve is SSH through the VPN client 4 in order to have LAN only SSH on the remote router.
I used
Example 4 "Services hosted on the router may also be routed via the VPN, ...
Click to expand...
as described at https://github.com/RMerl/asuswrt-merlin.ng/wiki/Policy-based-Port-routing-(manual-method).

Here is the outcome (with SSH on the LAN interface only on the remote router)
Code: 
asmin@RT-AC86U:/tmp/mnt/asus/conf# ssh -p XXXX -i /jffs/dropbear/msg2drb_db asmin@10.8.0.1

ssh: Connection to asmin@10.8.0.1:XXXX exited: Connect failed: Connection refused

...and the outcome with both LAN and WAN SSH enabled on the remote:
Code: 
asmin@RT-AC86U:/tmp/mnt/asus/conf# ssh -p XXXX -i /jffs/dropbear/msg2drb_db asmin@10.8.0.1

ASUSWRT-Merlin RT-AX56U 384.17_0 Sun Apr 26 02:27:47 UTC 2020
asmin@RT-AX56U:/tmp/home/root#

I'm also using Selective Routing over the first 3 VPN clients and WAN and that works well. Skynet, unbound and Scribe running smoothly on the AC86U.

If required, I can provide the RPDB rules, prerouting and client ovpn information.

Any pointers and suggestions, please?
 
Something needs to be adjusted in your VPN client or server settings. Without seeing your settings, I can't say much except to point you to the router-to-router bi-directional VPN how-to that I posted.
 
maxbraketorque said:
Something needs to be adjusted in your VPN client or server settings. Without seeing your settings, I can't say much except to point you to the router-to-router bi-directional VPN how-to that I posted.
Click to expand...
Thanks for the pointer - I have it working now.
I believe there was a problem with SSH on 384.17 so I upgraded the remote router to 384.18 alpha1.
Then I configured the OpenVPN server 2 on the remote router for LAN only and followed the steps in your write-up at https://www.snbforums.com/threads/h...i-directional-router-to-router-openvpn.55400/.
Now SSH works through the OpenVPN client with LAN only configuration between the 2 routers.
 
Glad its working. Sorry I meant to post the link, but forgot.
 
You must log in or register to reply here.

Similar threads

R
Prevent SSH Disconnect / Timeout around ~ 105-116 seconds from last activity on terminal session
Replies
7
Views
592
ColinTaylor
C
J
Reverse internet access through Asus-Merlin OpenVPN client.
Replies
0
Views
449
Johnco2
J
M
OpenVPN / site to site with special security/routing constraints
Replies
7
Views
330
elorimer
E
G
RESOLVED: Lost access to WebUI from LAN, SSH is working
Replies
1
Views
194
ColinTaylor
C
F
Error with SSH
Replies
6
Views
824
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
M IPv6 and Router Advertisement adding route to delegated /56 via WAN interface Asuswrt-Merlin 0
B How to setup IPV6 static route for Docker IPVLAN Asuswrt-Merlin 0
CaptnDanLKW Simple Route Add Command Asuswrt-Merlin 9
L Openvpn internal error add route Asuswrt-Merlin 0
E Static route vs manually assigned IP around DHCP list? Asuswrt-Merlin 13
B IPv6 static route Asuswrt-Merlin 3
H Does VPN Director Use Routes or IPTables Rules To Route Clients Over a VPN Connection? Asuswrt-Merlin 5
H Can VPN Director Route Guest Wifi Network Traffic Over VPN Connection? Asuswrt-Merlin 0
J How to route domain from server side lan via remote ovpn client Asuswrt-Merlin 6
B Static VPN route in ASUS RT-AC87u with firmware 384.13_10 Asuswrt-Merlin 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,008 (members: 26, guests: 982)
Top