TCP reset when connecting to telnet/ssh from VPN


Post by rokafeller » Sat Jun 14, 2014 3:04 pm

Hi there,
a weird thing happens when I try to connect to the local telnet/ssh service on RT 2.97 from VPN clients connected through OpenVPN in TUN mode (i.e. routed). The same happens with clients from a site-to-site VPN tunnel between two identical RT 2.97 routers.
Long story short, if the VPN segment is bridged (TAP) everything works as expected. If it's routed (TUN), both the telnet and ssh services on RT send a TCP RST message (checked with Wireshark) upon every client connection incoming from the VPN.
Local connections are fine, connections coming from non-vpn outside interfaces are fine as well.
Now, I'd like to use TUN because L3 VPN is the best practice when L2 signalling is not needed, and to prevent L2 traffic from burdening my lousy ADSL's uplinks.

Has anyone experienced anything similar before? I don't know much about TCP RST message generation; could it be the kernel being picky about TCP connection parameters from VPN tunnels? Attached are the server and client configs.

cheers
g.
Attachments: server.txt (533 Bytes), client.txt (260 Bytes)
Running D-Link DSL-G624T, PSP bootloader in place of the original Adam2, RouterTech Firmware v2.97. OpenVPN and port knocking services activated.