Home Network Community > Wi-Fi Routers > SSH connections blocked on Archer GE650 despite bridge mode and open network
< Wi-Fi Routers

SSH connections blocked on Archer GE650 despite bridge mode and open network

SSH connections blocked on Archer GE650 despite bridge mode and open network

SSH connections blocked on Archer GE650 despite bridge mode and open network
SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 21:52:57 - last edited 2025-08-07 06:38:22
Tags: #Port Forwarding #Gaming Router #Network Connectivity #Firmware Update
Model: Archer GE650  
Hardware Version: V1
Firmware Version: 1.1.0 Build 20250430 rel.58057(5553)

Hi, I recently installed an Archer GE650 as my main router. The upstream ISP router is in full bridge mode, and my TP-Link router gets a public IP directly (confirmed). Internet works fine, and ports are open — except for SSH (port 22).

Here's the issue: I can access the same remote SSH server from other networks (like 4G mobile tethering), but from the Archer GE650's LAN, SSH fails — it gets stuck at "connecting" and eventually times out. No firewall is enabled on my machine or the server. The issue is clearly on the router's side.

Things I’ve tried:
- Checked for ALG settings: there is no SSH ALG option on this model.
- Disabled all other ALG options (FTP, SIP, etc.) just in case.
- Tried with DMZ on.
- Tried port forwarding.
- Tried with Game Boost and QoS off.
- Tried different client devices.
- Tried different destination servers.

Result is always the same: SSH over port 22 is silently dropped or blocked. I can confirm this because if I make the server listen on port 2222 and connect with `ssh -p 2222`, it works instantly.

This seems like either a bug in firmware or some hidden security filtering that’s interfering with SSH. I’d appreciate help or confirmation from support — is this a known issue? Can ALG or DPI be disabled fully on this model?

Thanks in advance.

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network-Solution
2025-07-04 17:36:20 - last edited 2025-08-07 06:38:22

I contacted my ISP and also did some tests by connecting directly to their router. In the end, it turned out they were the ones blocking the SSH port — so it wasn’t the TP-Link router after all.I contacted my ISP and also did some tests by connecting directly to their router. In the end, it turned out they were the ones blocking the SSH port — so it wasn’t the TP-Link router after all.

Recommended Solution
  1  
  1  
#7
Options
6 Reply
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 22:00:15 - last edited 2025-07-02 22:01:26

  @Maxnanimus 

 

When connecting to your SSH server from GE650 LAN don't use your public IP address - use the SSH server LAN IP address instead.

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  0  
  0  
#2
Options
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 22:07:21 - last edited 2025-07-02 22:09:41

Thank you for the response. Just to clarify, the SSH server is not on the LAN — it's an external remote server (in AWS EC2), and I'm trying to connect to it from the Archer GE650 LAN.

From 4G or other networks, SSH over port 22 works fine. But from the GE650 LAN, the same SSH connection fails — unless I change the server to listen on port 2222, in which case it works.

So this is about outgoing SSH traffic to a public IP, not internal LAN routing. It seems like port 22 is being filtered, either by ALG or some DPI mechanism in the router.

Has anyone else run into this? Is there a way to fully disable any filtering or ALG that might affect outbound SSH traffic?

  0  
  0  
#3
Options
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 22:18:34

  @Maxnanimus 

 

That's entirely different scenario. GE650 is a home grade router and its embedded firewall shouldn't block any outgoing connection.

I would suspect that the problem in your case could be your public IP address is blocked by some security policy in AWS EC.

The easiest way to check that is to use a Windows PC in place of your GE650 (bypass it) and build the PPPoE session (?) directly on the PC - details.

 

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  0  
  0  
#4
Options
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 22:37:30

  @terziyski I get your point about testing that, but if it were an IP block, it shouldn’t work on port 2222 eithe, and AWS replies instantly on that port.

  0  
  0  
#5
Options
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network
2025-07-02 22:43:43

  @Maxnanimus 

 

You are correct - that\s why I suggested to isolate GE650 as a culprit by configuring PPPoE session directly on a PC.

I've never had such an issue with an outgoing connection on the default SSH port with a TP-link router models I've used so far.

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  0  
  0  
#6
Options
Re:SSH connections blocked on Archer GE650 despite bridge mode and open network-Solution
2025-07-04 17:36:20 - last edited 2025-08-07 06:38:22

I contacted my ISP and also did some tests by connecting directly to their router. In the end, it turned out they were the ones blocking the SSH port — so it wasn’t the TP-Link router after all.I contacted my ISP and also did some tests by connecting directly to their router. In the end, it turned out they were the ones blocking the SSH port — so it wasn’t the TP-Link router after all.

Recommended Solution
  1  
  1  
#7
Options

Information

Helpful: 0

Views: 259

Replies: 6

Tags

Port Forwarding Gaming Router Network Connectivity Firmware Update
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.