not able to ping through ssh tunnel device
2 votes, 1 answer, 2772 views
I am trying to create an ssh VPN (through port 443) to bypass NAT and filtering.
I am using this tutorial. The OS is Debian testing on both sides.
The tunnel devices are created on both sides, and addresses are assigned.
ssh command (as root on machine B):

```
ssh -w 0:0 MACHINE_A_PUBLIC_IP -p 443
```

A shell opens for root.
On the server (machine A), `PermitTunnel` is set to `yes`, and `cat /proc/sys/net/ipv4/ip_forward` returns `1`.

machine A:

```
ip link set tun0 up
ip addr add 10.0.0.100/32 peer 10.0.0.200 dev tun0
```

machine B:

```
ip link set tun0 up
ip addr add 10.0.0.200/32 peer 10.0.0.100 dev tun0
```
Result:

machine A:

```
36: tun0: mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none
    inet 10.0.0.100 peer 10.0.0.200/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::9210:8322:2382:e696/64 scope link flags 800
       valid_lft forever preferred_lft forever
```

machine B:

```
32: tun0: mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none
    inet 10.0.0.200 peer 10.0.0.100/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::bd70:5f4d:c8f5:aa2c/64 scope link flags 800
       valid_lft forever preferred_lft forever
```
Why can I not send pings?
Am I missing an obvious troubleshooting step?
Could it somehow be the filter that I am behind?
**edit:**

On machine A (server), `ip route`:

```
default via 192.168.1.1 dev eth1 proto static metric 100
10.0.0.200 dev tun0 proto kernel scope link src 10.0.0.100
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.126 metric 100
192.168.100.0/24 dev virbr1 proto kernel scope link src 192.168.100.1 linkdown
192.168.105.0/24 dev virbr4 proto kernel scope link src 192.168.105.1 linkdown
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
239.0.0.0/8 dev lo scope link
```

On machine B (client), `ip route`:

```
default via 192.168.1.1 dev wlp3s0 proto static metric 600
10.0.0.100 dev tun0 proto kernel scope link src 10.0.0.200
169.254.0.0/16 dev wlp3s0 scope link metric 1000
192.168.1.0/24 dev wlp3s0 proto kernel scope link src 192.168.1.136 metric 600
```

On machine B (client), `ping 10.0.0.100`:

```
PING 10.0.0.100 (10.0.0.100) 56(84) bytes of data.
^C
--- 10.0.0.100 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9000ms
```

The output of `ping` is the same on the server.
They can each ping their own interfaces (machine B can ping 10.0.0.200, machine A can ping 10.0.0.100).
Asked by Peter Upton (21 rep), Nov 8, 2016, 11:59 PM
Last activity: Jul 20, 2025, 04:07 PM
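
An added example, not part of the original question or of any answer: a POSIX shell check that the point-to-point addresses on the two ends mirror each other and that each peer address is routed via `tun0`, run over the `tun0` lines and route tables quoted in the question. The function names are hypothetical; for the question's data both checks pass, which rules out addressing and route selection as the reason the pings are lost.

```shell
#!/bin/sh
# Added example. Sample input is constructed from the tun0 lines and `ip route`
# tables quoted in the question (linkdown, link-local and multicast routes omitted).
A_ADDR='inet 10.0.0.100 peer 10.0.0.200/32 scope global tun0'
B_ADDR='inet 10.0.0.200 peer 10.0.0.100/32 scope global tun0'
A_ROUTES='default via 192.168.1.1 dev eth1 proto static metric 100
10.0.0.200 dev tun0 proto kernel scope link src 10.0.0.100
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.126 metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1'
B_ROUTES='default via 192.168.1.1 dev wlp3s0 proto static metric 600
10.0.0.100 dev tun0 proto kernel scope link src 10.0.0.200
192.168.1.0/24 dev wlp3s0 proto kernel scope link src 192.168.1.136 metric 600'

# Print "LOCAL PEER" from an `ip addr` inet line that carries a peer address.
p2p_pair() {
  printf '%s\n' "$1" |
    awk '$1 == "inet" && $3 == "peer" { sub(/\/.*/, "", $4); print $2, $4 }'
}

# Succeed when side A's local/peer pair equals side B's pair swapped.
mirrored() {
  a=$(p2p_pair "$1"); b=$(p2p_pair "$2")
  [ -n "$a" ] && [ "$a" = "${b#* } ${b% *}" ]
}

# Longest-prefix match of IPv4 address $2 over `ip route` text $1; print the
# outgoing device (the main-table decision `ip route get` shows on a live host).
route_dev() {
  printf '%s\n' "$1" | awk -v dst="$2" '
    function ip2n(s,   o) { split(s, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
    BEGIN { best = -1; d = ip2n(dst) }
    { n = split($1, p, "/"); pfx = p[1]; len = (n == 2) ? p[2] + 0 : 32
      if (pfx == "default") { pfx = "0.0.0.0"; len = 0 }
      size = 2 ^ (32 - len)
      if (int(d / size) == int(ip2n(pfx) / size) && len > best)
        for (i = 1; i < NF; i++) if ($i == "dev") { best = len; dev = $(i + 1) }
    }
    END { if (best >= 0) print dev }'
}

# Report whether addressing and route selection are consistent for tun0.
check_tunnel() {
  mirrored "$A_ADDR" "$B_ADDR" || { echo "address mismatch"; return 1; }
  [ "$(route_dev "$A_ROUTES" 10.0.0.200)" = tun0 ] || { echo "A: peer not via tun0"; return 1; }
  [ "$(route_dev "$B_ROUTES" 10.0.0.100)" = tun0 ] || { echo "B: peer not via tun0"; return 1; }
  echo "addressing and routing consistent"
}
check_tunnel
```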