github/pangolin
1
1
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-04-05 17:01:57 +02:00
Code Issues 85 Packages Projects Releases Wiki Activity

Can't make client resource to work #995

New Issue
Closed
opened 2026-04-05 18:05:31 +02:00 by MrUnknownDE · 0 comments
MrUnknownDE commented 2026-04-05 18:05:31 +02:00
Owner
Copy Link

Originally created by @estevez-dev on 8/28/2025

I tried everything I could (or did find), and while tunnels with Newt work fine, I can't make the Olm client connect to the Client Resource.

Pangolin 1.9.1
Gerbil 1.2.0
Newt 1.4.2

I have server A and server B. I want to have secure access from server B to the SSH on server A through Olm.

What I've done

  1. I created a new Site "Server A" (100.90.128.71), installed and connected Newt on server A with --accept-clients.
  2. I created a new Client "Server B client" (100.90.128.128), installed and connected Olm on server B.
  3. I added "Server A" as an available site for the Server B client
  4. The site and the client are "Online" and "Connected"
  5. Then I went to the Resources -> Client Resources and created a new resource:
  • Name: "Server A SSH"
  • Protocol: TCP
  • Site Port: 22321
  • Destination IP: 192.168.1.71 (local IP of the server A)
  • Destination Port: 22

Logs of Olm:

INFO: 2025/08/28 12:20:57 Olm version 1.1.0
INFO: 2025/08/28 12:20:57 Websocket Connected
INFO: 2025/08/28 12:20:57 Sent registration message
INFO: 2025/08/28 12:20:57 Sent initial ping message
INFO: 2025/08/28 12:20:58 Starting hole punch for 1 exit nodes
INFO: 2025/08/28 12:20:58 Starting UDP hole punch to 1 exit nodes
INFO: 2025/08/28 12:20:58 Resolved exit node: pangolin.vi.place -> 65.21.141.76:21820
INFO: 2025/08/28 12:20:58 Starting hole punch for 1 exit nodes
INFO: 2025/08/28 12:20:59 Stopping UDP holepunch for all exit nodes
INFO: 2025/08/28 12:20:59 UDP hole punch goroutine ended for all exit nodes
INFO: 2025/08/28 12:20:59 UDP hole punch goroutine ended
INFO: 2025/08/28 12:20:59 UAPI listener started
INFO: 2025/08/28 12:20:59 Started monitoring for site 8 at 100.90.128.71:61455
INFO: 2025/08/28 12:20:59 Configured peer 5f2Re1kQKpE4CMsqXMFDw66gnitRNAjt7945Tl5ED0Q=
INFO: 2025/08/28 12:20:59 Started monitoring peer 8
INFO: 2025/08/28 12:20:59 WireGuard device created.
WARN: 2025/08/28 12:21:02 Peer 8 is disconnected

Logs of Newt:

INFO: 2025/08/28 13:20:13 Newt version 1.4.2
INFO: 2025/08/28 13:20:13 Setting up clients with netstack...
INFO: 2025/08/28 13:20:13 Creating new health check monitor
INFO: 2025/08/28 13:20:14 Websocket connected
INFO: 2025/08/28 13:20:14 Requesting exit nodes from server
INFO: 2025/08/28 13:20:14 Requesting WireGuard configuration from remote server
INFO: 2025/08/28 13:20:14 Received ping message
INFO: 2025/08/28 13:20:14 Received registration message
INFO: 2025/08/28 13:20:14 Connecting to endpoint: pangolin.vi.place
INFO: 2025/08/28 13:20:14 Starting UDP hole punch routine to 65.21.141.76:21820
INFO: 2025/08/28 13:20:14 Initial connection test successful
INFO: 2025/08/28 13:20:14 Tunnel connection to server established successfully!
INFO: 2025/08/28 13:20:14 Successfully added 0 health check targets
INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30144
INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30140
INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30108
INFO: 2025/08/28 13:20:14 Started udp proxy to 127.0.0.1:61454
INFO: 2025/08/28 13:20:16 Received WireGuard clients configuration from remote server
INFO: 2025/08/28 13:20:16 Stopping UDP holepunch
INFO: 2025/08/28 13:20:16 WireGuard netstack device created and configured
INFO: 2025/08/28 13:20:16 [WGTester] Server started on 0.0.0.0:61455
INFO: 2025/08/28 13:20:16 Peer wygTJ5RentYGnQUkSIFHJJ0lx/WerWm/J3LvWMb+8Fk= added successfully
INFO: 2025/08/28 13:20:16 No targets updated, no netstack replacement needed
INFO: 2025/08/28 13:20:16 Started tcp proxy to 192.168.1.71:22
INFO: 2025/08/28 13:22:17 Peer U+bPWHp9Sk3VPFKT0fF5b6WqSAG2T8hbrqhLEDaNyDo= removed successfully
INFO: 2025/08/28 13:22:17 Peer G3n52cvLWXci8KxXE1rMlF2hxuzKHr2AJctWKRq0S0g= added successfully

Now on Server B, I'm trying to test SSH:

ssh -T root@100.90.128.71 -p 22321 -v

And igetting:

debug1: Connecting to 100.90.128.71 [100.90.128.71] port 22321.
debug1: connect to address 100.90.128.71 port 22321: Connection timed out
ssh: connect to host 100.90.128.71 port 22321: Connection timed out

From the shell of Server A, I can do ssh -T root@192.168.1.71 and it works.

Server A and Server B are bare metal, not LXCs.

What am I doing wrong?

*Originally created by @estevez-dev on 8/28/2025* I tried everything I could (or did find), and while tunnels with Newt work fine, I can't make the Olm client connect to the Client Resource. Pangolin 1.9.1 Gerbil 1.2.0 Newt 1.4.2 I have server A and server B. I want to have secure access from server B to the SSH on server A through Olm. **What I've done** 1. I created a new Site "Server A" (100.90.128.71), installed and connected Newt on server A with `--accept-clients`. 2. I created a new Client "Server B client" (100.90.128.128), installed and connected Olm on server B. 3. I added "Server A" as an available site for the Server B client 4. The site and the client are "Online" and "Connected" 5. Then I went to the Resources -> Client Resources and created a new resource: - Name: "Server A SSH" - Protocol: TCP - Site Port: 22321 - Destination IP: 192.168.1.71 (local IP of the server A) - Destination Port: 22 Logs of Olm: ``` INFO: 2025/08/28 12:20:57 Olm version 1.1.0 INFO: 2025/08/28 12:20:57 Websocket Connected INFO: 2025/08/28 12:20:57 Sent registration message INFO: 2025/08/28 12:20:57 Sent initial ping message INFO: 2025/08/28 12:20:58 Starting hole punch for 1 exit nodes INFO: 2025/08/28 12:20:58 Starting UDP hole punch to 1 exit nodes INFO: 2025/08/28 12:20:58 Resolved exit node: pangolin.vi.place -> 65.21.141.76:21820 INFO: 2025/08/28 12:20:58 Starting hole punch for 1 exit nodes INFO: 2025/08/28 12:20:59 Stopping UDP holepunch for all exit nodes INFO: 2025/08/28 12:20:59 UDP hole punch goroutine ended for all exit nodes INFO: 2025/08/28 12:20:59 UDP hole punch goroutine ended INFO: 2025/08/28 12:20:59 UAPI listener started INFO: 2025/08/28 12:20:59 Started monitoring for site 8 at 100.90.128.71:61455 INFO: 2025/08/28 12:20:59 Configured peer 5f2Re1kQKpE4CMsqXMFDw66gnitRNAjt7945Tl5ED0Q= INFO: 2025/08/28 12:20:59 Started monitoring peer 8 INFO: 2025/08/28 12:20:59 WireGuard device created. WARN: 2025/08/28 12:21:02 Peer 8 is disconnected ``` Logs of Newt: ``` INFO: 2025/08/28 13:20:13 Newt version 1.4.2 INFO: 2025/08/28 13:20:13 Setting up clients with netstack... INFO: 2025/08/28 13:20:13 Creating new health check monitor INFO: 2025/08/28 13:20:14 Websocket connected INFO: 2025/08/28 13:20:14 Requesting exit nodes from server INFO: 2025/08/28 13:20:14 Requesting WireGuard configuration from remote server INFO: 2025/08/28 13:20:14 Received ping message INFO: 2025/08/28 13:20:14 Received registration message INFO: 2025/08/28 13:20:14 Connecting to endpoint: pangolin.vi.place INFO: 2025/08/28 13:20:14 Starting UDP hole punch routine to 65.21.141.76:21820 INFO: 2025/08/28 13:20:14 Initial connection test successful INFO: 2025/08/28 13:20:14 Tunnel connection to server established successfully! INFO: 2025/08/28 13:20:14 Successfully added 0 health check targets INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30144 INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30140 INFO: 2025/08/28 13:20:14 Started tcp proxy to 192.168.1.71:30108 INFO: 2025/08/28 13:20:14 Started udp proxy to 127.0.0.1:61454 INFO: 2025/08/28 13:20:16 Received WireGuard clients configuration from remote server INFO: 2025/08/28 13:20:16 Stopping UDP holepunch INFO: 2025/08/28 13:20:16 WireGuard netstack device created and configured INFO: 2025/08/28 13:20:16 [WGTester] Server started on 0.0.0.0:61455 INFO: 2025/08/28 13:20:16 Peer wygTJ5RentYGnQUkSIFHJJ0lx/WerWm/J3LvWMb+8Fk= added successfully INFO: 2025/08/28 13:20:16 No targets updated, no netstack replacement needed INFO: 2025/08/28 13:20:16 Started tcp proxy to 192.168.1.71:22 INFO: 2025/08/28 13:22:17 Peer U+bPWHp9Sk3VPFKT0fF5b6WqSAG2T8hbrqhLEDaNyDo= removed successfully INFO: 2025/08/28 13:22:17 Peer G3n52cvLWXci8KxXE1rMlF2hxuzKHr2AJctWKRq0S0g= added successfully ``` Now on Server B, I'm trying to test SSH: ``` ssh -T root@100.90.128.71 -p 22321 -v ``` And igetting: ``` debug1: Connecting to 100.90.128.71 [100.90.128.71] port 22321. debug1: connect to address 100.90.128.71 port 22321: Connection timed out ssh: connect to host 100.90.128.71 port 22321: Connection timed out ``` From the shell of Server A, I can do `ssh -T root@192.168.1.71` and it works. Server A and Server B are bare metal, not LXCs. What am I doing wrong?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Improvement
Improvement
Improvement
Improvement
Look Into
Security
Security
api
api
authentication
authentication
authentication
authentication
authentication
authentication
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
config
config
config
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
docker
docker
docker
docker
docker
documentation
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
github_actions
go
go
go
go
go
go
go
go
go
go
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
javascript
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
needs investigating
networking
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
new feature
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
non-critical bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
potential bug
question
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
reverse proxy
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
stale
ui
ui
ui
ui
ui
ui
wontfix
No Label stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale stale
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
MrUnknownDE
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github/pangolin#995
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?