SSH does not work over Wireguard Tunnel

Started by karasu, January 03, 2025, 08:22:01 PM

January 03, 2025, 08:22:01 PM Last Edit: January 03, 2025, 08:23:41 PM by karasu
I set up a WireGuard tunnel by following this guide so that I can access my home network even when I'm out & about.

I configured a firewall rule that generally disallows any traffic to pass to devices within my home network, but allows all outbound traffic.
Then I added more rules allowing all connections to two specific hosts from my home network.

Things like ICMP ping and HTTP to these two hosts work just fine.
But I just can't get SSH to work.

After some research I found that this step adding normalization rules is important, which I had neglected to do at first.
But even after adding normalization rules, it still doesn't work.

Looking at firewall logs, it seems that out of the wireguard tunnel I can reach the other devices through ssh, but the response isn't let through.
From the attached image:
- Source 192.168.1.238 is the host in my home network which I want to SSH into
- Target 10.50.50.16 is my laptop which is connected to the wireguard tunnel. I run the ssh command from this laptop.
And this is denied by a firewall rule on LAN inbound.

I've tried to add various firewall rules to allow the connection through, but nothing works ;-(

Since the SSH response isn't getting through, even after adding normalization rules, it might be worth double-checking your LAN inbound rules. Ensure there's a rule explicitly allowing SSH traffic from your home network's source IP to your laptop's target IP through the WireGuard interface. Sometimes, it helps to place this rule higher in the priority list to ensure it takes effect before other rules. Keep an eye on the logs for any clues about what's blocking the connection. Good luck!