Using JuiceSSH on my phone, I’m able to connect to my device without any problems when I’m on my home Wi-Fi. However, when off Wi-Fi and connected to my VPN, the server doesn’t connect. I’m still able to access the services it’s running, but can’t SSH into the server itself.

Edit: I thought I answered everyone’s questions but I’m not seeing the answers so I’m posting the info here.

I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

ssh_socket_connect: Nonblocking connection socket: 98
ssh_connect: Socket connecting , now waiting for the callbacks to work

I’m using the built in VPN service in my router. It uses the OpenVPN protocol.

Edit 2: Using the same VPN config file, I’m able to access the server using PuTTY on my laptop. So I’m wondering if it is a Juice specific issue.

  • dotslashme@infosec.pub
    1 year ago

    Off the top of my head, here are a few things to check.

    • is your ssh server configured to only use a specific network interface? If it is, is that network interface reachable from the internet?
    • is the correct port open in your firewall?
    • is it possible you are doing a port redirect in your firewall? Meaning the WAN port redirects to a different LAN port.
    • Bdking158@kbin.social (OP)
      1 year ago

      I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.

      ssh_socket_connect: Nonblocking connection socket: 98
      ssh_connect: Socket connecting , now waiting for the callbacks to work

  • Chungus@thechurchofmemes.com
    1 year ago

    Can you share your firewall config? It could be that the firewall isn’t allowing packets to be forwarded from the tun/tap interface on the router to the LAN interface or vice versa.

    Can you ping the ssh server from the phone?

  • eneff@discuss.tchncs.de
    1 year ago

    What address is sshd listening on?

    It would need to be able to listen to incoming connections via the VPN’s tunnel device. So either 0.0.0.0 (so all addresses) or explicitly on whatever the tunnel’s assigned address is, I think.

    This could also be a firewall issue, can you share your routing tables?
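
The listen-address check asked about above, as an added example that is not part of the original thread. It classifies the `listenaddress` lines of `sshd -T` output for one IPv4 destination; the sample output and the addresses 192.168.1.10 and 10.8.0.1 are constructed for illustration.

```shell
#!/bin/sh
# Constructed samples of `sshd -T` (effective configuration) output.
SAMPLE_WILDCARD='port 22
listenaddress 0.0.0.0:22
listenaddress [::]:22'
SAMPLE_LAN_ONLY='port 22
listenaddress 192.168.1.10:22'

# listen_verdict CONFIG DEST_IP PORT
# Prints one of:
#   explicit       sshd is bound to exactly DEST_IP:PORT
#   wildcard       sshd is bound to 0.0.0.0:PORT (every local IPv4 address)
#   not-listening  no IPv4 listener covers DEST_IP:PORT
# Only IPv4 entries are considered for an IPv4 destination; the [::] entry
# is deliberately ignored here.
listen_verdict() {
    printf '%s\n' "$1" | awk -v ip="$2" -v port="$3" '
        tolower($1) == "listenaddress" {
            if ($2 == ("0.0.0.0:" port)) wild = 1
            if ($2 == (ip ":" port))     exact = 1
        }
        END {
            if (exact)     print "explicit"
            else if (wild) print "wildcard"
            else           print "not-listening"
        }'
}

# On the server itself, feed it the real effective configuration:
#   listen_verdict "$(sudo sshd -T)" 192.168.1.10 22
```

A `not-listening` result for the address the VPN client is dialing points at the sshd configuration; `wildcard` or `explicit` moves the search on to routing and firewall forwarding.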

          • LachlanUnchained@lemmyunchained.net
            1 year ago

            Really strange. Probably done all this, but just run through it again to make sure you haven’t got a typo somewhere or something.

            1. Check Connection Settings: Ensure the IP, port, and authentication details are correct in JuiceSSH.
            2. Firewall Rules: Confirm the SSH port (usually 22) isn’t blocked by any firewalls on your network or server.
            3. Try another SSH App: To see if it’s a JuiceSSH-specific issue, download another SSH client like Termius and test the connection.

            (I’d probably start with 3, might narrow it down to a juice config problem, I’m not very familiar with juice)

            • boothin@kbin.social
              1 year ago

              I would also test by connecting to the vpn and trying to go to a service’s ip or ping an ip on the network behind the vpn from the browser. I use juice and ovpn on my router as well and it works fine, so it’s unlikely to be a juice specific problem.

              • LachlanUnchained@lemmyunchained.net
                1 year ago

                Yeh. It’s strange if it’s the same config file. Works on a laptop via PuTTY.

                Surely just a configuration issue. Or like I said. Even a typo. I’m an absolute newb. I’ve spent days debugging networks, only to find a typo somewhere.

  • Notorious@lemm.ee
    1 year ago

    It’s been a while since I’ve used OpenVPN, but if I remember correctly when I had this issue I had to change “dev tun” to “dev tap”. Ultimately the problem was that OpenVPN was assigning an ip on an unrouted subnet. I could access the internet, but not local devices.

    Personally I switched to Wireguard. It’s just so much easier to configure and add/manage devices. OpenVPN is way more powerful and configurable than I need.

    • Bdking158@kbin.social (OP)
      1 year ago

      I’m not especially attached to OpenVPN, it’s just always worked for me to this point and is built into the router firmware. So I haven’t needed to change.

  • aski3252@lemmy.world
    1 year ago

    Are you trying to connect via IP or via hostname/DNS? Try IP if you haven’t yet.

    Perhaps you have only allowed connections from specific clients or from local IPs only?

    Are there any error messages or do you get a timeout?

  • Osayidan@social.vmdk.ca
    1 year ago

    What is your VPN in this context? Is it a VPN on your server/server’s network to allow you access to that device specifically? Or a general public VPN for privacy?

    If the latter, check that you don’t have any firewall rules to only allow SSH from your home’s IP, or maybe the VPN provider doesn’t allow using port 22 SSH for some reason.