explorer-monorepo/UDM_PRO_SSH_ISSUE.md

# UDM Pro SSH Access Issue

**Date**: 2026-01-21  
**Status**: ⚠️ SSH Connects But Commands Not Returning Output

---

## Issue

SSH connection to UDM Pro is successful (host key is being added), but commands are not returning output. This could be due to:

1. **Permission Issues**: User OQmQuS may not have permission to run iptables commands
2. **Sudo Required**: Commands may need sudo privileges
3. **Shell Environment**: Shell may be restricted or non-interactive
4. **Command Execution**: Commands may be running but output is being suppressed

---

## Alternative Approaches

### Option 1: Manual SSH Session

Connect manually and run commands:

```bash
ssh OQmQuS@192.168.11.1
# Enter password: m0MFXHdgMFKGB2l3bO4

# Then run:
sudo iptables -t nat -L PREROUTING -n -v | grep "76.53.10.36"
sudo iptables -L FORWARD -n -v --line-numbers | head -50
```

### Option 2: Check Web UI

Since SSH commands aren't working, check the Web UI directly:

1. **Port Forwarding Rules**:
   - Settings → Firewall & Security → Port Forwarding
   - Verify rules for 76.53.10.36 are **enabled**

2. **Firewall Rules**:
   - Settings → Firewall & Security → Firewall Rules
   - Check if "Allow Port Forward..." rules exist
   - Verify they are at the **top** of the list

### Option 3: Use UniFi API

If SSH is limited, we could use the UniFi API to check configuration.

---

## Recommended Next Steps

Since automated SSH commands aren't working:

1. **Manual SSH Session**: Connect manually and run diagnosis commands
2. **Web UI Check**: Verify port forwarding and firewall rules in Web UI
3. **Rule Verification**: Ensure rules are enabled and in correct order

---

## Quick Web UI Checklist

- [ ] Port forwarding rules for 76.53.10.36:80/443 are **enabled**
- [ ] Firewall "Allow Port Forward..." rules exist
- [ ] Allow rules are **above** any block rules
- [ ] Rules are saved and applied

---

**Status**: SSH access available but automated commands need manual execution