I have a FWG. I'm trying to configure it for ssh (22) such that the connection blocks everything but only allows ingress connections for a range of IP addresses. My ssh server is a VM under my created group called "VM".
I've done so by doing:
1) Create a group rule in "VM" to block all access matching local port 22, and traffic from the Internet.
2) Then I do a port forwarding for the ssh device to allow local port 22 matching the Target List, where my Target List contains the IP addresses that I want to whitelist.
However, this doesn't seem to work - I tested by initiating an ssh connection in the whitelisted IP network, and the connection was refused. I then initiated an ssh connection using a VPN to an IP that is not whitelisted, and the connection was refused.
Then I paused the Block rule, and connections from both whitelisted and non-whitelisted IPs were accepted.
Quite weird... any advice?