Dropped email/ssh client connections

Support
6

Do I understand correctly that you use an external VPN provider? In that case, your connection from your phone seems to come from the public internet, as opposed to from your personal LAN.

It could be that your router is trying to prevent a rebinding attack. Your server has a 192.168.x.y address, which is ‘unexpected’. Some routers do not allow connections to a domain.tld to point to a private IP address.

I know that AVM Fritzboxes have this behaviour. There is a page on their site explaining how to add your server / domain to the exception list. I posted a screenshot in an earlier conversation, Trouble getting to sso login page - #4 by wbk

Talking about screenshots, I got one here about the forum:
image

If you select a bit of text, there is a popup (the bit saying "Quote >Share ) that allows you to copy the text as quote in the new post editor. That way it is easier for readers to distinguish between quotes and new bits of conversation.

I have not used a VPN to connect in that way. It should be possible though, and would provide a way to get a reverse DNS (depending on your VPN provider). Maybe it is something for another thread to look into once the other problems are solved.

Strange; your diagnosis tells that fail2ban is running, and warns that there are many failed logins. This combined would mean many log lines.

I forgot to specify using sudo. That could be the reason!

Could you try this:

  • open one SSH connection, and run sudo tail -f /var/log/fail2ban.log
    • this wil give a live view of the log (-f for ‘follow’ )
  • open a second SSH connection, and run sudo service fail2ban restart
    • this wil restart fail2ban, and write some info to fail2ban.log
  • some lines should appear in the first SSH window
  • press ctrl-c in the first window to exit tail -f
  • next try sudo cat /var/log/fail2ban.log* |grep NOTICE
    • this will list all (un)block actions and the IPs (and some other info)
    • see if the IP of your computer/laptop/phone is in the list
    • don’t be alarmed at many unknown IPs in the list: that is what fail2ban is for.

Could you tell what I see in the screenshot, and what you expected to see?