You are here

Tunnel will not connect

11 posts / 0 new
Last post
K1DOS
Tunnel will not connect
I am trying to host a tunnel.  I have an hAP connected to my Internet router, on my Internet router I have forwarded port 5525 to the IP address assigned by my Internet router to the WAN port of the hAP (192.168.1.113).

In the hAP's Tunnel Server DNS Name I have entered the outside IP address of my Internet router (assigned by my ISP).

However, when I create a client account the remote node/client cannot connect.

Any guidance would be appreciated.

Respectfully,

Hank/K1DOS
AB7PA
Two steps on your Internet router
There are two things you need to do on your Internet router.  1) Create the port forwarding rule, which you said you have already done.  2) Allow traffic on incoming port 5525 to pass through your router.  If your router is still denying port 5525 traffic, then it will never reach your port forwarding rule.  To test your settings you can have someone outside of your home network try to telnet to your static IP address on port 5525.  They should see something like this:
>> telnet  98.76.54.32  5525

Trying 98.76.54.32...
Connected to 98.76.54.32.
Escape character is '^]'.
VTUN server ver 3.X 03/22/2019
This shows that the traffic is being allowed by your Internet router and is being forwarded to your node, and that the VTUN server on your node is receiving the request.
K1DOS
Tried the test and it failed.
Tried the test and it failed.  Any suggestions on how to fix it?

Hank - K1DOS
k1ky
k1ky's picture
Must try from outside your network
Hank,

You will need to test this from a connection outside of your network.  Contact me direct if you still need help.  T.D.
 
K1DOS
I have tested from the
I have tested from the outside and inside and cannot connect?
AB7PA
Issue with router or firewall
Most likely it's an issue with your Internet router/firewall.  You can verify that everything is working on your tunnel server node by connecting to the node using telnet or ssh.  Look at the running processes and you should see something like this:
#  ps | grep vtund
vtund[s]: waiting for connections on port 5525
This tells you that the tunnel server is running and actively listening for anything your firewall forwards to it.

You could also check the node's logs to see if there are any errors being reported.  Something like this should work:  logread | grep -i vtun
If there is an error in the tunneling parameters, you may see a message like this:
Fri Oct 11 08:53:09 2019 daemon.info vtund[22313]: Denied connection from 98.76.54.32:45785
You can then verify that all the correct credentials were entered on both the tunnel server and the tunnel client.
ke6bxt
ke6bxt's picture
Tunnel help
Can you post screenshots of the Node status and Tunnel Server/Tunnel Client pages from both the Server and Client nodes?
Also, the node name of the Client node needs to have a node name that is no longer than 21 characters long.
nc8q
nc8q's picture
screenshot of the Tunnel Client page

Please, a screenshot of the Tunnel Client page and
paste the email you sent to the client auto-magically created from the server.

KE2N
KE2N's picture
dns?

not sure if this would help - but I think the outside address of your router is not the right DNS setting.  If you look in your router's set up, you should see some addresses that the router is using as DNS.  These addresses will not be the address of the router itself.

If all else fails I can suggest you set the node to DHCP and adjust port forwarding if need be.  Usually the router will leave the LAN IP for a given MAC address where it was, but you should check.  
 

nc8q
nc8q's picture
outside address of your router is ... the right DNS setting

The outside address of your router is the right DNS setting for the Tunnel Server.
It works for me. I had to take that screen capture quickly after pasting the text
as that page auto-updates every few seconds. An error notice appears after a few
seconds. :-|

Image Attachments: 
K5DLQ
K5DLQ's picture
The "Tunnel DNS Server Name"
The "Tunnel DNS Server Name" is only used when you click the email icon to send the tunnel client owner an email with the details of the connection.  It serves no other purpose.

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer