Lost Contact with Computer: Router settings to blame?

I'm travelling and have been working remotely by SSHing into my personal computer that's behind an Asus RT-ACRH13 running OpenWRT 19.07. Everything was going fine until suddenly today when I was unable to SSH in. I had a friend stop by my apartment and restart the computer and although I was able to SSH into the small dropbear service that runs only during bootup, once it reached the login screen I could not access the main SSH service that I work through on the computer.

Previously I'd been using fwknop to open up the router's ports to let me SSH and am unsure whether the problem is related to something going wrong there / on the router side or with my computer. I've tried a number of things to diagnose the problem myself:

1.) Use LUCI to port forward the SSH port directly to my computer. When I do an nmap after setting up the port forwarding it returns state "filtered" as opposed to "closed" but I've noticed if I port forward to a port that I know my computer doesn't have a service running on it says the same thing for that port.

2.) When I ssh into the router and try pinging my computer from there there's no response, but I can ping other devices on the network. I put my computer by itself in its own vlan, interface and zone called "isolated" for security, so I'm not sure if the ping is not getting through due to router setup or problem with my computer.

3.) I tried using LUCI to forward all ICMP traffic from wan to my computer in isolated but no ping response.

4.) In LUCI I see that my computer has an active DHCP lease, but perhaps that's just from the dropbear service that ran briefly when it was restarted? Looking at LUCI's realtime graphs I see zero traffic on the isolated interface except for occasional bursts. The connections tab shows no open connections for my computer.

5.) I was not playing with my computer's SSH server settings last time I accessed it.

Any suggestions on what I could try next to diagnose or fix the problem or am I just out of luck until I get physical access? If you let me know which config files would be helpful, I'm happy to provide them.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have

```
ubus call system board; \
uci export network; uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
iptables-save -c; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ping -c 5 IP_OF_PC
```
1 Like
  1. "Filtered" means the packets are being dropped, or the target machine does not exist. "Closed" means the packets are being rejected.
  2. Windows PCs by default do not answer pings.
  3. See 2.
  4. The server should have a DHCP reservation so it always gets the same known IP. The router's ARP table can be examined to see if a machine at a particular IP has ever had a layer 3 interaction with the router.
  5. Since pinging may not work you can try originating a ssh connection from the router to the LAN computer. Dropbear includes an ssh client usable as ssh from the CLI.
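
The ARP-table check from point 4 above, as an added example that is not part of the original thread: a small script for the router's shell that reads `/proc/net/arp` and reports whether a given IP ever answered an ARP request. The function names, addresses, MAC and device names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: classify one host's entry in a Linux ARP table.
# arp_state IP [TABLE]  -> "resolved DEV" | "incomplete DEV" | "absent"
arp_state() {
    # Columns of /proc/net/arp: IP, HW type, Flags, HW address, Mask, Device
    awk -v ip="$1" '
        NR > 1 && $1 == ip {
            found = 1
            # Flags 0x0 (or an all-zero MAC) means the router sent ARP
            # requests for this IP and never received a reply.
            if ($3 == "0x0" || $4 == "00:00:00:00:00:00")
                print "incomplete " $6
            else
                print "resolved " $6
            exit
        }
        END { if (!found) print "absent" }
    ' "${2:-/proc/net/arp}"
}

# Map the state to the next troubleshooting step.
next_step() {
    case $1 in
        resolved*)   echo "host is up on the link; check its firewall and sshd" ;;
        incomplete*) echo "no ARP reply; host is down, hung, or on another VLAN" ;;
        absent)      echo "no entry; ping the IP once from the router, then re-check" ;;
    esac
}

# Constructed sample table (addresses, MAC and device names are made up).
sample_table() {
    cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.20     0x1         0x2         02:00:00:00:00:aa     *        br-lan
192.168.30.10    0x1         0x0         00:00:00:00:00:00     *        eth0.3
EOF
}

tmp=$(mktemp)
sample_table > "$tmp"
for ip in 192.168.1.20 192.168.30.10 192.168.30.99; do
    state=$(arp_state "$ip" "$tmp")
    printf '%s: %s -> %s\n' "$ip" "$state" "$(next_step "$state")"
done
rm -f "$tmp"
```

On the router, call `arp_state IP_OF_PC` with no second argument to read the live table. A host firewall that drops ICMP normally still answers ARP, so a `resolved` entry is a stronger liveness signal than a ping reply.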

Rule lan_to_isolated_for_plex is not needed, as you have lan->isolated forwarding.
ssh_to_workpc is not enabled.
ping_workpc is not enabled.
ping_workpc_from_router is not enabled and not needed/wrong.
To isolate the problem, you can try to ssh from the router directly to the PC. If that works, we can troubleshoot the ingress from wan connections. If not, there is something wrong with the PC.

I disabled those rules after testing them since they did not help with the problem. Unfortunately even with those rules enabled I could not SSH from the router to my work PC, but it's good knowing the problem is the PC and not the router settings, thanks.

1 Like