Problem Solved
It was an asymetric routing problem. It occured because i had two NICs on the server, one wired and one wireless. When connecting to the server via wlan-ap-wire, the packets took another way back. The solution was pretty easy, just disabled one NIC (the one for wlan, only used when testing...).
Original question
I have the following setup on my lan.
LAN: 192.168.1.0/24 (LAN for clients)
DMZ: 192.168.20.0/25 (LAN for server)
WAN: X.X.X.X
One router acting AP (192.168.1.200) on the LAN interface for WLAN access.
Scheme:
WAN - router with pfsense - LAN - (dd wrt as AP, WLAN) - clients
- DMZ (wired)
When i ssh from a client connected to the WLAN to the server on the DMZ interface the connection drops out after ~30s.
EDIT: i get the same problem with ftp, the tcp connection drops out after ~30s. Probably a asymmetric routing problem...
For debug purpose i tested to connect the DMZ to the WLAN, and then it works perfect.
One solution is of course to connect the server to the LAN interface instead of the DMZ interface.
I googled and found a similar thread: pfsense: connection between two internal lans dropped after 20 seconds I think the problem is what tleding is speaking about: "... As you probably already realize, because the switch had an IP in the same subnet as my machine, return packets from the switch would go direct to my machine rather than following the same path as packets from my machine. The switch would essentially just side-step the PFSENSE box...."
But i cant solve the issue.
For debug purpose i added allow all rules on both the LAN and the DMZ interface, and the initial connection works.
Sorry,i’m a bit unclear. My wlan is just an AP plugged into the lan using an old netgear router as an access point, so the wlan and lan is the same net. All clients is getting their IP from 192.168.1.1 (pfsense). The ap is configured as https://wiki.dd-wrt.com/wiki/index.php/Wireless_Access_Point
