Home router is unreachable from Virtual Private Server

DoorDaesh · 10-31-2023, 05:40 PM

I ssh into my VPS from my home PC. The VPS has internet access and can download any packages it needs, but it cannot reach my home router. when I run

Code:

traceroute -m 255 ${router_ip}

it prints 15 hops and everything after that is

Code:

* * *

jefro · 10-31-2023, 07:52 PM

ICMP versus TCP/IP?

https://linux.die.net/man/8/traceroute

DoorDaesh · 10-31-2023, 07:58 PM

Are you saying that the traceroute command uses ICMP and that I should be using a tool that uses TCP/IP instead? If so, what should I run?

Edit:

Quote:

traceroute -T ${router_ip}

gives similar results.

frankbell · 10-31-2023, 08:37 PM

Maybe I'm way off base here, but I must ask, is the VPS on the same subnet as the router?

DoorDaesh · 10-31-2023, 08:46 PM

Quote:

Originally Posted by frankbell

is the VPS on the same subnet as the router?

My understanding of subnets is shaky but I'm pretty sure the answer is no. The VPS is on another continent from the router and neither the VPS nor router are on a VPN or VLAN.

DoorDaesh · 10-31-2023, 09:05 PM

When I type "what's my ip" into google on my home PC I get 38.xxx.xxx.xxx. The DDNS domain provided by my router manufacturer resolves to the same address. However, the router says its WAN IP is 100.xxx.xxx.xxx

Am I behind a CGNAT?

https://www.reddit.com/r/HomeNetwork...eb2x&context=3

lvm_ · 11-01-2023, 02:13 AM

Many routers can me configured to ignore ICMP requests and do so by default. Check your router settings. And your ISP can be doing the same.

DoorDaesh · 11-01-2023, 06:32 AM

I think the answer lies with the Port Control Protocol, but I'm at a loss for how to implement it.

yvesjv · 11-01-2023, 02:23 PM

Try this one first:
https://phoenixnap.com/kb/tracepath-vs-traceroute

You could also use this one with tcp or udp instead of icmp:
https://www.cloudns.net/blog/linux-mtr-command/

jefro · 11-01-2023, 03:51 PM

What I understand is you can ssh to some IP address correct?? Then it follows that there is a port(s) open as well as protocol allowed and that one can access the IP address. Has nothing to do with anything else.

Not knowing more about this server I can't answer more. Where is it, who set it up, what is wrong ....

scasey · 11-02-2023, 12:06 AM

I get exactly the same behavior…ssh to a vps, traceroute to my router’s public (WAN) IP. Responses stop after reaching my ISPs network. I consider that normal, or at least typical, behavior. ISPs tend to limit tracing packets around their networks, considering that to be proprietary information. I’m OK with that.

Upon checking my IP “on Google,” I learned that I’m browsing via a VPN (Apple’s iCloud), although the connections on my server knows my real IP address, so not all traffic is going that way.

jeniy · 12-04-2023, 09:36 AM

It appears that the home router cannot be accessed from the Virtual Private Server (VPS).

TB0ne · 12-04-2023, 11:28 AM

Quote:

Originally Posted by jeniy

It appears that the home router cannot be accessed from the Virtual Private Server (VPS).

Really??? That was stated above.

rkelsen · 12-04-2023, 02:08 PM

This is expected behaviour, for many reasons.

The way around it is to set up something like OpenVPN at the VPS end and connect to it from the home end. At the home end, you'll need to set up a port forward on your router, and possibly some static routes if you wanted to reach a specific machine from there. This will give you two way traffic from each end.

BUT I'd only do that if you really need access to your home machine from the VPS.

scasey · 12-04-2023, 03:24 PM

Yes. What rkelsen said.
For what purpose do you want to access your home PC from the remote server?
What are you wanting to accomplish and/or what problem are you trying to solve?

As I said, that’s how it works for me. I have no reason to connect to my home network from my remote server. If I want to move something from the server to my PC, I “pull” it…sftp GET, for example.