Configure rules for port 22
Hello FW...
I have a FWG. Trying to configure for SSH (22) such that the connection blocks everything but only allows ingress connections for a range of IP addresses. My SSH server is a VM under my created group called "VM".
I've done so by doing:
1) Create a group rule in "VM" to block all access matching local port 22, and traffic from Internet.
2) Then I do a port forwarding for the SSH device to allow local port 22 matching the Target List, where my Target List contains the IP addresses that I want to whitelist.
However, this doesn't seem to work - I tested by initiating an SSH connection in the whitelisted IP network, the connection was refused. I then initiated an SSH connection using VPN to an IP that is not whitelisted, the connection was refused.
Then I paused the Block rule, connections from both whitelisted IP and non-whitelisted IP were accepted.
Quite weird... any advice?
Thank you!
-
If you do not limit anything, does your ssh to port 22 work?
For port limit, see this.
See if this helps: https://help.firewalla.com/hc/en-us/articles/1500009502622-How-to-limit-access-to-open-port-or-port-forwarded-#h_01G6WRKH0DA4QVD0JGKG34GBQ5