Hi everyone, I have an Unraid server and an OpenWrt device behind my router. In order to access the Unraid server and the OpenWrt device from the internet, I configured port forwarding on the router. The issue is that I can ssh to the OpenWrt device from both LAN and WAN, and I can also ssh to Unraid from LAN, but I CAN'T access it from WAN. (For now, if I want to ssh to Unraid from WAN, I have to ssh to the OpenWrt device first, then ssh to the Unraid server.)
Here is the port forwarding config on the router:
Here is the ssh client debug log:
☺ cat ~/.ssh/config|grep -A 5 unraid-test
Host unraid-test
HostName tingyu.fun
User root
Port 27444
IdentityFile ~/.ssh/id_rsa
zhengtongshan@desktop-tingyu /mnt/e/DreamWardrobe/src/Branches/masterNew/Server/scripts
☺ ssh unraid-test -vvv
OpenSSH_7.6p1 Ubuntu-4ubuntu0.4, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /home/zhengtongshan/.ssh/config
debug1: /home/zhengtongshan/.ssh/config line 20: Applying options for unraid-test
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "tingyu.fun" port 27444
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to tingyu.fun [123.112.246.80] port 27444.
debug1: Connection established.
debug1: identity file /home/zhengtongshan/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/zhengtongshan/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.4
ssh_exchange_identification: read: Connection reset by peer
Here is the ssh server debug log:
root@Tower:~# /usr/sbin/sshd -d -p 27444
debug1: sshd version OpenSSH_8.8, OpenSSL 1.1.1l 24 Aug 2021
debug1: private host key #0: ssh-rsa SHA256:yV1IA8vfSiPBluZhKaMdC/IyP4BqhgBBfiBihO4R4/k
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:giUzmH9U0OgvvPkeuV7Xx+jjrhXffMnUi/5DEwWnAvg
debug1: private host key #2: ssh-ed25519 SHA256:eDZkJykIeeSbrZvFNNyvMPOJKrO0jwgSsrIQ/alW7RE
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='27444'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 27444 on 0.0.0.0.
Server listening on 0.0.0.0 port 27444.
debug1: Bind to port 27444 on ::.
Server listening on :: port 27444.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: sshd version OpenSSH_8.8, OpenSSL 1.1.1l 24 Aug 2021
debug1: private host key #0: ssh-rsa SHA256:yV1IA8vfSiPBluZhKaMdC/IyP4BqhgBBfiBihO4R4/k
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:giUzmH9U0OgvvPkeuV7Xx+jjrhXffMnUi/5DEwWnAvg
debug1: private host key #2: ssh-ed25519 SHA256:eDZkJykIeeSbrZvFNNyvMPOJKrO0jwgSsrIQ/alW7RE
debug1: inetd sockets after dupping: 3, 3
debug1: getpeername failed: Transport endpoint is not connected
debug1: ssh_remote_port failed
Here is the tcpdump on the router:
admin@RT-AC68U-AB08:/tmp/home/root# tcpdump -i br0 -vnn port 27444
tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:30:54.063803 IP (tos 0x0, ttl 50, id 25265, offset 0, flags [DF], proto TCP (6), length 60)
103.135.162.8.6302 > 192.168.50.104.27444: Flags [S], cksum 0x6b66 (correct), seq 1990346997, win 29200, options [mss 1380,sackOK,TS val 2688125589 ecr 0,nop,wscale 7], length 0
15:30:54.065591 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.50.104.27444 > 103.135.162.8.6302: Flags [S.], cksum 0x706d (correct), seq 1261679441, ack 1990346998, win 43440, options [mss 1460,sackOK,TS val 3145009403 ecr 2688125589,nop,wscale 9], length 0
15:30:55.107284 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 60)
192.168.50.104.27444 > 103.135.162.8.6302: Flags [S.], cksum 0x6c5b (correct), seq 1261679441, ack 1990346998, win 43440, options [mss 1460,sackOK,TS val 3145010445 ecr 2688125589,nop,wscale 9], length 0
15:30:55.114974 IP (tos 0x0, ttl 50, id 25266, offset 0, flags [DF], proto TCP (6), length 52)
103.135.162.8.6302 > 192.168.50.104.27444: Flags [.], cksum 0x3fd3 (correct), ack 1, win 229, options [nop,nop,TS val 2688126647 ecr 3145010445], length 0
15:30:55.115403 IP (tos 0x0, ttl 50, id 25267, offset 0, flags [DF], proto TCP (6), length 93)
103.135.162.8.6302 > 192.168.50.104.27444: Flags [P.], cksum 0x1879 (correct), seq 1:42, ack 1, win 229, options [nop,nop,TS val 2688126648 ecr 3145010445], length 41
15:30:57.438982 IP (tos 0x0, ttl 50, id 25268, offset 0, flags [DF], proto TCP (6), length 93)
103.135.162.8.6302 > 192.168.50.104.27444: Flags [P.], cksum 0x0f66 (correct), seq 1:42, ack 1, win 229, options [nop,nop,TS val 2688128971 ecr 3145010445], length 41
15:30:57.440947 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 40)
192.168.50.104.27444 > 103.135.162.8.6302: Flags [R], cksum 0x30e8 (correct), seq 1261679442, win 0, length 0
How do I solve this issue? Is there any configuration on the Unraid server?
----------------------------
The confusing thing is that when I ssh to the OpenWrt device (alias name: n1) from WAN, it works perfectly.
Here is the log:
zhengtongshan@desktop-tingyu /mnt/e/DreamWardrobe/src/Branches/masterNew/Server/scripts
☺ cat ~/.ssh/config|grep -A 5 n1
Host n1
HostName tingyu.fun
User root
Port 27457
IdentityFile ~/.ssh/id_rsa
zhengtongshan@desktop-tingyu /mnt/e/DreamWardrobe/src/Branches/masterNew/Server/scripts
☺ ssh n1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
\ ____ _ __ __ /
\ / __ \____ ___ ____| | / /____/ /_ /
\ / / / / __ \/ _ \/ __ \ | /| / / ___/ __/ /
\ / /_/ / /_/ / __/ / / / |/ |/ / / / /_ /
\ \____/ .___/\___/_/ /_/|__/|__/_/ \__/ /
\ /_/ W I R E L E S S F R E E D O M /
\ /
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Base on OpenWrt R21.10.1 by lean & lienol
Kernel 5.10.75-flippy-66+
Packaged by MYAN on 2021-10-23
PLATFORM: amlogic SOC: s905d BOARD: n1
设备信息: Phicomm N1
CPU 型号: AArch64 : Cortex-A53 x 4
系统负载: 0.79 0.46 0.33 运行时间: 19天 10小时 57分钟 40秒
环境温度: 48.0 °C 当前频率: 1512 Mhz
内存已用: 23% of 1969MB IP 地址: 192.168.50.107
启动存储: 47% of 159.8M 系统存储: 44% of 736.0M
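A small reader for a capture like the router tcpdump earlier in this post, as an added example that is not part of the original post: it parses two-line `tcpdump -vnn` records and lists which endpoint retransmitted a SYN or data segment and which endpoint sent a reset. The sample packets are constructed (same flag sequence as the capture, with a documentation client address and short sequence numbers), and `parse` and `summarize` are names chosen here.

```python
import re
# Constructed sample in two-line `tcpdump -vnn` format: same flag sequence as
# the capture in the post, documentation client address, short seq numbers.
SAMPLE = """\
15:30:54.063 IP (tos 0x0, ttl 50, proto TCP (6), length 60)
    198.51.100.8.6302 > 192.168.50.104.27444: Flags [S], seq 1000, win 29200, length 0
15:30:54.065 IP (tos 0x0, ttl 63, proto TCP (6), length 60)
    192.168.50.104.27444 > 198.51.100.8.6302: Flags [S.], seq 5000, ack 1001, win 43440, length 0
15:30:55.107 IP (tos 0x0, ttl 63, proto TCP (6), length 60)
    192.168.50.104.27444 > 198.51.100.8.6302: Flags [S.], seq 5000, ack 1001, win 43440, length 0
15:30:55.114 IP (tos 0x0, ttl 50, proto TCP (6), length 52)
    198.51.100.8.6302 > 192.168.50.104.27444: Flags [.], ack 1, win 229, length 0
15:30:55.115 IP (tos 0x0, ttl 50, proto TCP (6), length 93)
    198.51.100.8.6302 > 192.168.50.104.27444: Flags [P.], seq 1:42, ack 1, win 229, length 41
15:30:57.438 IP (tos 0x0, ttl 50, proto TCP (6), length 93)
    198.51.100.8.6302 > 192.168.50.104.27444: Flags [P.], seq 1:42, ack 1, win 229, length 41
15:30:57.440 IP (tos 0x0, ttl 63, proto TCP (6), length 40)
    192.168.50.104.27444 > 198.51.100.8.6302: Flags [R], seq 5001, win 0, length 0
"""

HEADER = re.compile(r"^(\d\d:\d\d:\d\d\.\d+) IP ")
PACKET = re.compile(r"^\s*(\S+) > (\S+): Flags \[([^\]]+)\].*length (\d+)$")
SEQ = re.compile(r"\bseq (\d+)")

def parse(text):
    """Yield (ts, src, flags, seq, length) per two-line tcpdump -v record."""
    ts = None
    for line in text.splitlines():
        head, pkt = HEADER.match(line), PACKET.match(line)
        if head:
            ts = head.group(1)
        elif pkt and ts:
            seq = SEQ.search(line)
            yield ts, pkt.group(1), pkt.group(3), seq and int(seq.group(1)), int(pkt.group(4))
            ts = None  # each header line belongs to exactly one packet line

def summarize(text):
    """List retransmitted segments and resets with the endpoint that sent them."""
    seen, out = set(), {"retransmits": [], "resets": []}
    for ts, src, flags, seq, length in parse(text):
        # Only SYN or data segments consume sequence space; bare ACKs repeat freely.
        if seq is not None and ("S" in flags or length > 0):
            if (src, flags, seq) in seen:
                out["retransmits"].append((ts, src, flags))
            seen.add((src, flags, seq))
        if "R" in flags:
            out["resets"].append((ts, src))
    return out
print(summarize(SAMPLE))
```

Running the same reader on captures taken on both the LAN bridge and the WAN interface shows on which side of the router a segment stops appearing.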