Error 10054 when using SSH with Windows Defender Firewall enabled

Matthis 1 Reputation point
2022-02-22T10:02:55.46+00:00

Hello,

I have an issue when accessing a remote server through SSH when Windows Defender Firewall is ON.
I can connect to my remote host and run commands which output little text, but as soon as I have a command with large output, the SSH connection is dropped.

I have tried with multiple SSH clients such as PuTTY, Bitvise and Termius, and the same problem occurs.

When using Bitvise, I get the following error message when the connection is dropped:
"The SSH connection has terminated with error. Reason: FlowSocketReader: Error receiving bytes. Windows error 10054: An existing connection was forcibly closed by the remote."

This problem does not occur when Windows Defender Firewall is disabled.

What I have tried until now:


  • Reset Windows Defender Firewall to default -> did not solve
  • Reset Network to default -> did not solve

The problem looks like an MTU size issue; however, it does not occur when the firewall is off.
I thought the problem could be related to Path MTU Discovery and the firewall blocking ICMP, so I tried adding a Firewall Inbound custom rule allowing all ICMP v4 packets.
This did not solve the issue: either I am not doing it correctly, or it is not the right solution.

Any ideas of what the issue could be?

Thank you!

Windows 10 Network

2 answers

  1. Limitless Technology 44,221 Reputation points
    2022-03-01T11:40:22.197+00:00

    Hello @Matthis

    You should create specific rules in the firewall for SSH communication over port 22. You can check the following document on how to apply firewall rules using PowerShell:

    https://learn.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule?view=windowsserver2022-ps

    Hope this helps with your query,


  2. Matthis 1 Reputation point
    2022-03-10T13:16:54.54+00:00

    Hello, thank you for looking into this!

    I forgot to mention I had already done this through the Firewall Advanced Settings, allowing an inbound connection for TCP 22.
    The issue was still happening though.

    Your comment however inspired me to try with another port. I set my SSH server to use a different port, and added a rule allowing an inbound connection for this port in the Windows Firewall, and now it works!

    Maybe my rule allowing Inbound TCP 22 was being overridden by another rule in the default Windows Firewall settings??

    Anyhow, solved now!
    Thank you.
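
As an added example (not part of the original thread): one way to check the hypothesis in the last reply, that another rule was taking precedence over the TCP 22 allow rule, and to create the allow rule for the relocated port. The helper names `Test-PortSpec` and `Get-InboundRulesForPort`, port 2222 and the 192.0.2.0/24 client range are assumptions; in Windows Defender Firewall a matching Block rule takes precedence over Allow rules.

```powershell
# Added example. Run from an elevated PowerShell session.
# Test-PortSpec and Get-InboundRulesForPort are hypothetical helper names.

function Test-PortSpec {
    # True when a rule's LocalPort value ('Any', '22', '5000-5010', or a list) covers $Port.
    param([string[]]$Spec, [int]$Port)
    foreach ($s in $Spec) {
        if ($s -eq 'Any') { return $true }
        if ($s -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif (($s -match '^\d+$') -and ([int]$s -eq $Port)) { return $true }
    }
    return $false
}

function Get-InboundRulesForPort {
    # Enabled inbound rules from the effective policy (local and Group Policy) matching a TCP port.
    param([Parameter(Mandatory)][int]$Port)
    Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Enabled True |
        ForEach-Object {
            $pf = $_ | Get-NetFirewallPortFilter
            if ($pf.Protocol -notin 'TCP', 'Any') { return }
            if (-not (Test-PortSpec -Spec $pf.LocalPort -Port $Port)) { return }
            $af = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                DisplayName   = $_.DisplayName
                Action        = $_.Action
                Profile       = $_.Profile
                Source        = $_.PolicyStoreSourceType
                LocalPort     = $pf.LocalPort -join ','
                RemoteAddress = $af.RemoteAddress -join ','
            }
        } | Sort-Object -Property @({ $_.Action -ne 'Block' }, 'DisplayName')
}

# Block rules are listed first: any of them that matches the traffic beats the Allow rule.
Get-InboundRulesForPort -Port 22 | Format-Table -AutoSize -Wrap

# Allow rule for the relocated SSH port. Constructed values: 2222 and 192.0.2.0/24.
New-NetFirewallRule -DisplayName 'SSH inbound (TCP 2222)' -Direction Inbound `
    -Protocol TCP -LocalPort 2222 -RemoteAddress 192.0.2.0/24 `
    -Action Allow -Profile Domain, Private
```

The `Source` column shows whether each rule comes from the local store or from Group Policy, which tells you where a conflicting rule would have to be changed.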

