I have the following setup:
Machine 1 -> Home router -> Internet -> Mobile hotspot -> Machine 2
Machine is running an OpenVPN server on UDP port 1194 and SSH on port 2022. I want to SSH from Machine 2 to Machine 1.
My home router has a static IP assigned to it by the ISP and I have enabled port forwarding for UDP port 1194 from router to machine 1.
I am able to connect to OpenVPN and get the following IPs: Machine 1 (10.8.0.1), Machine 2 (10.8.0.6). Both machines are able to ping each other.
I have also opened the firewall on machine 1. Following is the UFW output.

    myuser@pc-arch:~$ sudo ufw status numbered
    Status: active

         To                         Action      From
         --                         ------      ----
    [ 1] 1194/udp                   ALLOW IN    Anywhere
    [ 2] 2022/tcp                   ALLOW IN    10.8.0.6
    [ 3] 1194/udp (v6)              ALLOW IN    Anywhere (v6)

However, when I try to SSH using ssh -vvv -p 2022 [email protected], it gets stuck and then times out.

    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    Connection closed by 10.8.0.1 port 2022

SSHD logs from machine 1:

    Apr 17 13:21:18 pc-arch sshd[938]: Timeout before authentication for connection from 10.8.0.6 to 10.8.0.1, pid = 1175711

Following are my server and client configurations for OpenVPN:

    server 10.8.0.0 255.255.255.0
    dev tun
    proto udp
    port 1194

    # Privileges
    user openvpn
    group openvpn

    # Notify clients when server is restarted server to reconnect quickly
    explicit-exit-notify 1

    # Ping every 60s, restart if no data received for 5 minutes
    keepalive 60 300

    ca /etc/openvpn/server/ca.crt
    cert /etc/openvpn/server/local.crt
    key /etc/openvpn/server/local.key
    dh /etc/openvpn/server/dh.pem
    tls-crypt /etc/openvpn/server/ta.key


    client
    remote <static public IP> 1194
    dev tun
    user openvpn
    group openvpn
    ca /etc/openvpn/client/ca.crt
    cert /etc/openvpn/client/local.crt
    key /etc/openvpn/client/local.key
    tls-crypt /etc/openvpn/server/ta.key

2025-04-17 14:20:56 106.224.138.253:37117 peer info: IV_MTU=1600
. I am going to guess ICMP is allowed since ping works both on the VPN and in my LAN. I can also ping my router from outside.