diff --git a/compute/instances/troubleshooting/cant-connect-ssh.mdx b/compute/instances/troubleshooting/cant-connect-ssh.mdx
index da2e7b2dd2..514104c8e7 100644
--- a/compute/instances/troubleshooting/cant-connect-ssh.mdx
+++ b/compute/instances/troubleshooting/cant-connect-ssh.mdx
@@ -133,4 +133,8 @@ You must upload the content of the public part of the SSH key pair to the Scalew
If you have any difficulties connecting to an Instance after uploading a new public SSH key to your Project, try the following:
- If you cannot connect to your Instance at all via SSH, reboot your Instance from the console and try again.
- If you can connect to your Instance using a previously uploaded SSH key but not the new one, go ahead and connect to your Instance with the old key. Once connected, run the `scw-fetch-ssh-keys --upgrade` command, which launches a script on your Instance to update your SSH keys. You can then check that the new key has been added to the `authorized_keys` file (`~/.ssh/authorized_keys`). Note that this command works only for Instances.
-
\ No newline at end of file
+
+
+## Timeout when trying to connect
+
+You may find the SSH connection attempt times out without connecting. This may be expected behavior if the Instance is attached to a Private Network on which there is also a Public Gateway advertising the default route. See our [dedicated troubleshooting](/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway/) page for more help with this issue.
\ No newline at end of file
diff --git a/network/public-gateways/concepts.mdx b/network/public-gateways/concepts.mdx
index 40f1f32dc4..506135d558 100644
--- a/network/public-gateways/concepts.mdx
+++ b/network/public-gateways/concepts.mdx
@@ -18,6 +18,10 @@ The Public Gateway can advertise a default route to resources on an attached Pri
You can choose to activate the advertisement of the default route when attaching a Private Network to a Public Gateway. The default route is propagated through DHCP.
+
+After activating the default route, all outbound and inbound traffic for resources attached to the Private Network is directed through the Public Gateway. This includes SSH traffic destined for Instances, which means you will need to [manage SSH connections differently](/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway/).
+
+
## DHCP
DHCP was previously a functionality of Scaleway Public Gateways, but has now been moved and is integrated directly into Private Networks. [Read more about DHCP on Private Networks](/network/vpc/concepts#dhcp).
diff --git a/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx b/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
index 25a5ee6e31..87fe56eab3 100644
--- a/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
+++ b/network/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
@@ -1,24 +1,29 @@
---
meta:
- title: I cannot connect to my Instance using SSH after attaching it to a Private Network which has a Public Gateway
+ title: I cannot connect to my Instance using SSH after attaching it to a Private Network with a Public Gateway
description: This page explains how troubleshoot connection problems after attaching an Instance to a Private Network which has a Public Gateway
content:
- h1: I cannot connect to my Instance using SSH after attaching it to a Private Network which has a Public Gateway
+ h1: I cannot connect to my Instance using SSH after attaching it to a Private Network with a Public Gateway
paragraph: This page explains how troubleshoot connection problems after attaching an Instance to a Private Network which has a Public Gateway
tags: troubleshoot error private-network private network vpc public-gateway
dates:
- validation: 2024-05-24
+ validation: 2024-10-21
posted: 2021-05-26
categories:
- network
---
-
+If you are having trouble [connecting to your Instance via SSH](/compute/instances/how-to/connect-to-instance/), when the Instance is attached to a Private Network which also has an attached Public Gateway, read on for help and solutions.
-- [Owner](/identity-and-access-management/iam/concepts/#owner) status or [IAM permissions](/identity-and-access-management/iam/concepts/#permission) allowing you to perform actions in the intended Organization
+The action to take depends on whether:
-The action to take depends on whether the Private Network(s) your Instance is on have DHCP enabled, and whether your Public Gateway is set to advertise a default route (true by default).
+- The Private Network(s) attached to your Instance have [DHCP enabled](/network/vpc/how-to/activate-dhcp/), and
+- Your Public Gateway is set to [advertise a default route](/network/public-gateways/concepts/#default-route) (true by default).
-If it is not the case, disconnect the Instance from the Private Network, as there may be other factors impacting your Instance, like one of your Instances running a DHCP server.
+If the above two conditions are not true, there may be other factors impacting your Instance, like one of your Instances running a DHCP server. Try disconnecting and reconnecting the Instance from the Private Network.
-If DHCP is activated and your Public Gateway is set to advertise a default route, this is expected behavior as all the traffic towards your Instance now goes through the Public Gateway. To access your Instance using SSH, first create a static NAT association between a port of your Public Gateway (eg 2222) and the private IP assigned to your Instance, on the SSH port (22 by default). Then, SSH to the Public Gateway's IP on port 2222.
\ No newline at end of file
+If DHCP **is** activated and your Public Gateway **is** set to advertise a default route, not being able to connect to your Instance via SSH is **expected behavior**. All the traffic towards your Instance now goes through the Public Gateway.
+
+To access your Instance using SSH, either:
+- Use [SSH bastion](/network/public-gateways/how-to/use-ssh-bastion/), or
+- Create a static NAT association between a port of your Public Gateway (eg 2222) and the private IP assigned to your Instance, on the SSH port (22 by default). Then, SSH to the Public Gateway's IP on port 2222.
\ No newline at end of file