Reverse SSH tunnel issue with one router, but works fine with another - what could it be?


I have done a fresh install of Hassio to my Raspberry Pi 3 B+. The objective is to have it located at my summer house. I am somewhat familiar with SSH reverse tunneling. At home (not summer house), it works fine with accessing Hassio (both web interface and ssh) but when I move the Raspberry Pi to our summer house, it won’t work.

At both places, I have 4G/LTE broadband routers with the same carrier agreement (dual sim). They are not the same router nor brand. The router on the summer house is a Archer MR200. The broadband provider has carrier grade NAT. The “server” is a cheap VPS at Digital Ocean.

My observations;

  1. The exact same SSH -R command fails at the summer house but works fine at permanent home. The verbose shows it gets stuck when expecting SSH2_MSG_KEX_ECDH_REPLY. By adding -o MACs=hmac-sha2-256 to the command, it gets through and I get the SSH prompt on the server.

  2. After creating the SSH reverse tunnel, I can try to run command “wget localhost:8123” and I see that the filename index.html will be downloaded, but it never downloads.

  3. In SSH server on Raspberry Pi, the SSH logs says similar to SSH connection to host {ip} on port 22 failed.

Any clues? The only difference from working and not working is the specific router. I have tried to find any settings in the router admin but haven’t found anything. In the virtual servers menu, I actually saw one line for Hassio but that one I haven’t created which I find a bit strange. Can that be created by Hassio? Probably not. It should not be necessary since I will use reverse SSH tunnel.