No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
A User Cannot Check Files After Successfully Logging In to the SFTP Server

A User Cannot Check Files After Successfully Logging In to the SFTP Server


SFTP, successful login, file check failure, MSS of TCP packets, IPSec VPN


After logging in to a remote SFTP server through an SFTP client, a user cannot check files in the current user directory, and logs out due to connection timeout. After the user logs in to the remote server using SSH, the same fault occurs when the user runs the ls command to check the directory. After the tcp adjust-mss value command is run to reduce the MSS of TCP packets on the interface, the SFTP service recovers.

Problem Description

A user cannot access SFTP-enabled IPTV servers at branch sites through an SFTP client from the data center remotely (over the carrier MPLS VPN). After passing authentication, the user cannot list files in the user directory /root, and the connection times out, as shown in the following figure. This fault occurs when the user accesses servers at several branch sites.

The fault occurs after the user runs the ls command on the SFTP client. Therefore, the user is advised to remotely log in to the server using SSH and run the ls command on the server to check whether the fault is caused by the SFTP client. The fault persists. No output is displayed after the ls command is run, and the user logs out due to connection timeout.

The topology between the data center and branch sites is as follows:

Data center <---> Egress firewall <---> Carrier MPLS VPN <---> AR router in branch site <---> SFTP server


  1. The user can successfully log in to the local SFTP server at one branch site (not over the carrier MPLS VPN) using SFTP and check files. The user can also log in to the local SFTP server using SFTP and SSH at another branch site, and run the ls command to check files.
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 447587

Downloads: 4305

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next