SSH stuck
Jonathon Fernyhough
jonathon.fernyhough at york.ac.uk
Wed May 10 09:31:12 CEST 2017
Hi Jean-Yves,
On 09/05/17 23:32, Bzzzz wrote:
> 1- I solved the LAN being unreachable apart the endpoint and the internet
> being completely unreachable with an iptables rule:
> iptables -t nat -I POSTROUTING -s 10.11.12.0/24 -o eth0 -j MASQUERADE
> is this right? (if not, why?)
I don't think this is Wireguard specific. That rule essentially allows
that machine to act as a NAT gateway, the same as for e.g. an OpenVPN
server.
> 2- When I want to ssh any LAN machine, wireshark only sees 4 packets:
> client announce
> server ACK
> client key negociation
> server key negociation
> and that's all.
> Is it a limitation (non-TCP packets) or is there another reason for
> ssh not working as expected? (connecting to any machine http srv works
> perfectly)
SSH over a Wireguard interface works as expected for me. You might have
some luck seeing what's going on with `ssh -v` (and increasing the
verbosity with further `v`s, e.g. `ssh -vvvv`).
Jonathon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20170510/a6e06e3a/attachment.asc>
More information about the WireGuard
mailing list