For the past month or so my storage box has been driving me insane. Whenever I SSH into the box, after about 30 seconds it would always disconnect me. I checked everything from routes, to firewall rules, and nothing was amiss. I spent weeks looking for the cause of these SSH Disconnects, but to no avail. That is, until recently. After some extreme googling, I was able to figure out the cause and I had to share it.
On the server in question, I have it hooked up to two networks. One vi cable, and another using a VLAN tag on the same port. If I were to take down the VLAN interface, or the direct cable interface, then SSH would not have any disconnect issues. This lead me to believe it was a routing issue, or a network configuration problem. Well in the end, I found the cause to be none other then my firewall, PfSense!
After finding a thread on their forum with someone who shared my troubles, I was able to find a solution and I felt it should be shared. (That said thread is linked at the bottom of this post).
So, lets get started!
- Login to your PfSense firewall
- Go to System > Advanced > Firewall / NAT
- Set Firewall Optimization Options to Conservative
- Enable Clear invalid DF bits instead of dropping the packets
In the end, it should look like this:
After this, my SSH disconnects completely disappeared! I hope you find this as useful as I did.
Citation:
Pingback: SSH connection through UTM 9 VM dropping after 1 min - Sophos User Bulletin Board
This was VERY helpful. I think my telnet/ssh disconnect problems are gone! Knock on wood, fingers crossed!
Excellent! That worked for us, as well, although our symptoms were slightly different. During backup times, when the network was being stressed, this would occur to long-running persistent SSH connections. This change has allowed those sessions to remain connected.
I tried that solution, and at the first look it worked
But the problem must be elsewhere. If you take a look at the help page of pfSense it shows that in the “normal” Firewall mode “tcp.opening No response yet” get terminated after 30secs which is the time ssh takes to disconnect.
https://doc.pfsense.org/index.php/Advanced_Setup#Firewall.2FNAT
In “conservative” mode this time is just increased to 15min!
So i waited for 15min instead of 30sec -> and the same problem occured.
Do you have any idea what else it could be?
I have the same issue as you above only means the problem takes 15 min to appear did you ever find a solution ?
The problem for me turned out to be the MTU size.
See explanation in: http://www.heitorlessa.com/troubleshooting-ssh-connectivity-issues/
For IPsec in pfSense you can adjust the MSS clamping size. I now use 1371.
Thanks a lot!
It seemed to fix it at first, but not for me either…
Denis
Thank you!!!! That has been driving me crazy for the last few days. I’ve been configuring a pfSense for our new external connection and switched to using it as my gateway to test.
As soon as I did that, and configured the VLANs on pfSense, the SSH to the switched kept bombing out after a couple of minutes.
I thought I had configured the VLANs wrong or that the box we are using wasn’t up to the task… Then I stumbled on your post.
Thanks it was a head banger!, my situation: a internal openvpn server, a ssh session from this openvpn tunnel on a virtual subnet internally.
The tcp sessions allway’s freezes at about 47s.
Thank you. You helped me a lot.
Many thanks from Ceará Brazil.
But just switch Firewall Optimization Options to Conservative solved this issue to me.
Best regards.
Wow. Finaly I was able to find the resolution to my SSH problems behind pFsense. Thank you very much for sharing this!
You’re good. Thank you sooo much Sir. I wasn’t able to find any solution for it and now it’s working flawlessly!
Oh man ! Sounds good. I try now. Thanks a lot 🙂
In fact nope.. It dont help me… Still disconnect… Thats nerve man….
You saved my life!
Thanks. This problem has vexxed me occasionally numerous times. Was for a netgate 7541 routing between interfaces.
This has been driving me insane for weeks. Thank you!!!!!!
Hi there,
Elba here.
I’ve uncovered an email marketing strategy that the big players don’t want you to know.
No contact limits, flat pricing. No price change when you grow your list. Plus, you can try it all for free.
Interested? Just reply with “Tell me more” and I’ll share the full scoop.
Trust me, you won’t want to miss this.
Best regards,
Elba Mace
Discover the best in e-commerce with Shopify
The premier platform designed for businesses of all sizes.
Shopify offers an easily affordable pricing structure, making it accessible for startups and established enterprises alike.
Benefit from exceptional customer support, available 24/7 to assist with any queries or issues you might face.
Choose Shopify to streamline your online store management, enhance your customer experience, and drive your business success.
Join the millions of merchants who trust Shopify as their e-commerce partner.
Start today and watch your business thrive.
Simply Visit Us @ shopify.pxf.io/jr04aa
Bring your ideas to life for €1/month
Dear snt.sh, We noticed that you don’t have a chatbot. With our AI bots, you can automate up to 93% of requests. And never lose customers again. We can provide a free trial. Fill out the form to get a free trial. Fill out – https://form.finalform.so/forms/aCHENOY8
Dear Ladies and Gentlemen,
accessibility to medical care is becoming increasingly difficult, which is why we offer you our unique medical service, namely: “online medical consultation”.
We are a multidisciplinary medical team of proven health specialists in their field, who are able to adequately and quickly solve any of your medical problems, regardless of whether they are diagnostic, differential diagnostic or therapeutic!
Simply write to us on one of your messengers at: 00359884777799, we have all available messengers and our specialist will contact you quickly.
You can learn more about our hospital and medical activities from our website:
https://www.toxylact.com/clinic/index.html
With the confidence that we will be useful to you, we remain waiting for your medical cases.
Sincerely
Dr. Dimitar Kehayov Doctor of Medical Sciences
Burgas
Bulgaria
Hey,
Not a pitch – just something I noticed.
Your business feels solid.
Your visual identity feels slightly disconnected.
It’s subtle, but it affects how people recognize you.
Small thing, but it shapes first impressions.
My portfolio if you’re curious:
https://bit.ly/m/portfolio-Camila
Camila
Hello,
We came across your WooCommerce store and really liked what you’re building.
With LetsTok AI, you can turn your product listings into ready-to-use ad creatives and videos. It also helps you find and recreate competitor ads tailored to your products.
If you’d like to explore it, you can start here:
https://letstokvideo.com
Thanks,
Kim Greig
Letstok AI
Whenever you prefer not to get additional messages from this campaign, just fill the form at bit. ly/fillunsubform with your domain address (URL).
Grossgstotten 87, Ithaca, CA, USA, 95374
Hey there,
Plain websites are starting to feel outdated
A lot of businesses still see their website as a collection of pages.
Visitors do not behave that way anymore.
Customers treat websites like conversations now.
They arrive with intent. Questions. Urgency.
If they cannot get answers quickly, they leave.
No follow-up. No second attempt. No loyalty.
Just a missed opportunity.
The hard truth is simple:
A website with no AI interaction is going to feel as outdated as a company that never adapted to mobile.
That shift is already underway.
Modern websites talk. Old ones lose.
See it in action: https://theollehai.com
Regards,
Therese Bungaree
Olleh AI
If at any point you choose to opt-out of further communications from me, please fill the form at bit. ly/fillunsubform with your domain address (URL).
18 Flax Court, Johnson City, CA, USA, 94269
Hi Team snt.sh,
I was reviewing your website & noticed a few issues that may be affecting its search ranking. we can help you improve it.
May I share a detailed report of these issues along with our pricing.
Thank you!
Ruby White
Your point of view caught my eye and was very interesting. Thanks. I have a question for you.
Hello,
There are only two types of businesses now:
Companies already using AI.
And companies slowly being pushed behind by them.
This shift is happening faster than most companies understand.
Customers already expect answers without waiting. Relevant suggestions on demand. Instant interaction.
Static websites cannot compete with conversational experiences anymore.
That is why websites are moving from navigation to conversation
Olleh AI helps businesses upgrade their websites with AI voice + chat agents trained on their business, services, and workflows.
The companies moving fastest are not waiting for a perfect moment.
They’re implementing AI now.
See what an AI-powered website looks like:
https://theolleh.com
Best Regards,
Collin Mcdermott
Olleh
If at any point you choose to opt-out of any more emails from me, kindly fill the form at bit. ly/fillunsubform with your domain address (URL).
52 Eshelby Drive, Croghan, CA, USA, 94649
Hey,
Not a pitch – just something I noticed.
Your business feels solid.
Your visual identity feels slightly disconnected.
It’s subtle, but it affects how people recognize you.
Small thing, but it shapes first impressions.
My portfolio if you’re curious:
https://bit.ly/m/portfolio-Camila
Camila
Are you looking for professional website traffic generation services?
http://utraker.com/JNbzf?pop
To unsubscribe, please reply with subject: Unsubscribe !snt.sh
Hey,
Not a pitch – just something I noticed.
Your business feels solid.
Your visual identity feels slightly disconnected.
It’s subtle, but it affects how people recognize you.
Small thing, but it shapes first impressions.
My portfolio if you’re curious:
https://bit.ly/m/portfolio-Camila
Camila
Hey there,
We noticed your site and figured this may be useful for your business.
Our platform helps you create AI-powered ads, connect your socials, and handle publishing easily — completely free to start.
You can also scan competitor ads and recreate them for your business in seconds.
No commitment — just free tools if you want to try it.
Take a look here:
https://letstalkugc.com
– Letstok AI
Whenever you decide not to receive subsequent correspondence from our side, simply fill the form at brnd .li/delist webpage with your domain address (URL).
Obere Haltenstrasse 113, Greenwich, CA, USA, 92774
Hi there,
Waiting on AI has a real cost
A lot of teams still put AI in the “later” category.
It isn’t.
AI is already becoming an operational advantage.
Every month businesses delay AI adoption, competitors collect:
– More insight into what visitors actually ask
– Faster response systems
– Better lead qualification
– More efficient support handling
– Stronger conversion paths
The advantage builds on itself.
Fast.
We have seen this movie before with:
– Businesses that adapted early to mobile
– E-commerce
– Search visibility
– Customer attention through social channels
Businesses that moved early built momentum while others were still debating.
AI will be bigger than all of them.
The businesses implementing conversational AI today are building advantages that become harder to compete against tomorrow.
See it in action: https://theollehai.com
Best,
— Frankie Benner
OllehAI
Should you choose to opt-out of future emails from me, please fill the form at brnd .li/delist webpage with your domain address (URL).
3284 Pearlman Avenue, Endicott, CA, USA, 92560
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
Hey there,
Business websites are moving into two very different categories now:
Companies already using AI.
And businesses getting replaced by them.
This change is moving faster than many teams realize.
Customers already expect immediate replies. Relevant suggestions on demand. A real response the moment they arrive.
Plain websites are starting to lose against sites that can answer, guide, and qualify visitors in real time.
The shift is simple: from clicking around to asking and getting answers.
With Olleh AI, businesses can add AI voice + chat agents that understand their offer, answer visitors, capture intent, and support real workflows.
Your competitors are not treating this like a someday upgrade.
They’re implementing AI now.
Check it out:
https://theolleh.com
Thanks,
Blair Durant
The Olleh
If at any point you choose to opt-out of subsequent notifications from this campaign, kindly fill the form at brnd .li/delist URL with your domain address (URL).
Ludvikdalen 165, Morris, CA, USA, 94913
Your point of view caught my eye and was very interesting. Thanks. I have a question for you.