SSH during VPN connection not possible

Hello everyone,

I’m using a raspi with WireGuard as my VPN gateway.

Unfortunately, for a few weeks now it has not been possible to get an SSH connection to the raspi while having a connection via VPN. I can ping the raspi and other devices inside my LAN, but no SSH connection is possible.

When I use my Android smartphone, I can connect via SSH to the raspi while having a VPN connection.

Can anyone help me?

Best regards

Go into the WireGuard phone app settings > advanced and toggle the ‘allow remote control apps’ option, maybe that works.

On my smartphone everything is working fine; the issue only occurs when using Manjaro on my notebook. Is there also a possibility to set a line in the config file?

I am not sure if I have understood your problem correctly, but I am pretty sure that you have to open ports per WireGuard connection/device. Could it be that the SSH port is not opened, and therefore not allowed? For my VPN (Mullvad), you open ports on their web page after you have logged in to your account.

Also, there might be a “Local Network Sharing” option in the settings somewhere, that might need to be turned on.

But, as I said, I might completely have misunderstood the issue here 🙂

Yes, that’s right - it is necessary to open a port. But in my opinion it should only be necessary to open the port for the WireGuard VPN connection. After the tunnel is established, SSH should work because all traffic should pass through the tunnel.

When using my Android device it works - so the port configuration should be OK.

I have Mullvad installed on my desktop and I can SSH into it from my phone without opening any ports in WireGuard, only the WireGuard port in my router of course.

That is exactly the behaviour I would expect. I opened the port in my router and SSH is working fine on my phone, but not with my notebook and Manjaro.

I suspect that this should be a configuration in Manjaro, but I don’t know which one or how to solve the problem.

I am having maybe a similar problem. From a WG client, I cannot connect to LAN computers. Per the “traceroute 192.168.1.123” run on the WG client, the connection goes into the tunnel and away to the internet instead of bypassing the tunnel. I can set the WG config file on the client to allow LAN, but then port forwarding from server to client stops working. The issue is described in the comment here. Help with this would be greatly appreciated; I have to use another computer to connect to LAN computers.

It’s really interesting: what I found is that an SSH connection via PuTTY or Remmina is also possible with a VPN connection, but not with the terminal.

Best regards