Hi Ian, On Sat, Sep 25, 2021 at 11:17:33PM +0100, Ian Hobson wrote: […] It means that 195.219.214.18 doesn't want to pass the UDP datagrams that traceroute uses. And probably all traffic destined for 109.51.83.178 since your SSH back the other way doesn't work. What does it look like the other way? What does a TCP traceroute to your SSH port look like? e.g. $ sudo traceroute -T -p 22 macallan.bitfolk.com traceroute to macallan.bitfolk.com (85.119.80.25), 30 hops max, 60 byte packets 1 aa-gw.localnet (192.168.1.254) 0.694 ms 1.067 ms 1.436 ms 2 3.a.gormless.thn.aa.net.uk (90.155.53.211) 8.367 ms 8.720 ms 8.997 ms 3 e.aimless.tch.aa.net.uk (90.155.53.45) 10.798 ms * * 4 xe-0-1-0-3-1.r04.londen05.uk.bb.gin.ntt.net (192.80.17.249) 11.395 ms 13.119 ms 13.215 ms 5 ae-7.r20.londen12.uk.bb.gin.ntt.net (129.250.4.140) 13.330 ms 13.445 ms 13.598 ms 6 ae-13.a03.londen12.uk.bb.gin.ntt.net (129.250.3.249) 15.918 ms 15.411 ms 15.489 ms 7 t5.jump.net.uk (194.153.169.188) 15.598 ms 9.626 ms 9.667 ms 8 c2.jump.net.uk (194.153.169.239) 11.082 ms c5.jump.net.uk (194.153.169.233) 10.722 ms 13.368 ms 9 macallan.bitfolk.com (85.119.80.25) 8.184 ms 9.719 ms 9.804 ms Can you reach other IPs at BitFolk with a traceroute or mtr? Can you reach www.jump.net.uk with a traceroute or mtr? For what it's worth I can't reach 109.51.83.178 from anywhere at BitFolk so it's probably a total routing blackhole for all types of traffic and probably both ways. The IP 195.219.214.18 belongs to TATA communications but since you aren't their customer and neither is BitFolk, it would be best for you to ask your ISP why you can't reach the BitFolk IP and show them your traceroute, since you are their customer and they should listen to you. Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting