Using JuiceSSH on my phone, I’m able to connect to my device without any problems when I’m on my home Wi-Fi. However, when off WiFi and connected to my VPN, the server doesn’t connect. I’m still able to access the services it’s running, but can’t SSH into the server itself.
Edit: I thought I answered everyone’s questions but I’m not seeing the answers so I’m posting the info here.
I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.
ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work
I’m using the built in VPN service in my router. It uses the OpenVPN protocol.
Edit 2: Using the same VPN config file, I’m able to access the server using Putty on my laptop. So I’m wondering if it is a Juice specific issue.
any errors you could show us?
I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.
ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work
I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.
ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work
Off the top of my head, here are a few things to check.
- is your ssh server configured to only use a specific network interface? If it is, is that network interface reachable from the internet?
- is the correct port open in your firewall?
- is it possible you are doing port redirect in your firewall? Meaning the wan port redirects to a different land port.
What address is sshd listening on?
It would need to be able to listen to incoming connections via the VPN’s tunnel device. So either 0.0.0.0 (so all addresses) or explicitly on whatever the tunnel’s assigned address is, I think.
This could also be a firewall issue, can you share your routing tables?
It’s been a while since I’ve used OpenVPN, but if I remember correctly when I had this issue I had to change “dev tun” to “dev tap”. Ultimately the problem was that OpenVPN was assigning an ip on an unrouted subnet. I could access the internet, but not local devices.
Personally I switched to Wireguard. It’s just so much easier to configure and add/manage devices. OpenVPN is way more powerful and configurable than I need.
I’m not especially attached to OpenVPN, it’s just always worked for me to this point and is built into the router firmware. So I haven’t needed to change
Is your VPN running on the same host as ssh? If so it could be a firewall issue. What VPN are you using?
VPN is running on the router. OpenVPN
I’m using the OpenVPN protocol built into my router
What’s your router ?
Asus RT-AC66U
Really strange. Probably done all this, but just run through it again make sure you haven’t got a typo somewhere or something.
1. Check Connection Settings: Ensure the IP, port, and authentication details are correct in JuiceSSH. 2. Firewall Rules: Confirm the SSH port (usually 22) isn’t blocked by any firewalls on your network or server. 3. Try another SSH App: To see if it’s a JuiceSSH-specific issue, download another SSH client like Termius and test the connection.
(I’d probably start with 3, might narrow it down to a juice config problem, I’m not very familiar with juice)
I would also test by connecting to the vpn and trying to go to a service’s ip or ping an ip on the network behind the vpn from the browser. I use juice and ovpn on my router as well and it works fine, so its unlikely to be a juice specific problem
Yeh. It’s strange if it’s the same config file. Works on a laptop via putty.
Surely just a configuration issue. Or like I said. Even a typo. I’m an absolute newb. I’ve spent days debugging networks, only to find a typo somewhere.
Can you share your firewall config? It could be that the firewall isn’t allowing packets to be forwarded from the tun/tap interface on the router to the LAN interface or vice versa.
Can you ping the ssh server from the phone?
Are you trying to connect via IP or via hostname/DNS? Try IP if you haven’t yet.
Perhaps you have only allowed connections from specific clients or from local IP’s only?
Are there any error messages or do you get a timeout?
I get the below message and nothing happens. Then about 60 seconds later Juice gives a timeout error.
ssh_socket_connect: Nonblocking connection socket: 98 ssh_connect: Socket connecting , now waiting for the callbacks to work
Connecting via IP.
how does the ip start? 192.x or 10.x maybe?
192.x
What is your VPN in this context? Is it a VPN on your server/server’s network to allow you access to that device specifically? Or a general public VPN for privacy?
If the latter check that you don’t have any firewall rules to only allow SSH from your home’s IP, or maybe the VPN provider doesn’t allow using port 22 SSH for some reason.