Title: SSH on Green Interface
Post by: euser on Tuesday 13 October 2009, 05:52:50 am

EFW gurus, need your help...
I would like to find out how to enable SSH access from internal network only (green interface). If I go to Firewall - System Access and create a rule for SSH access such as - <ANY> GREEN TCP/22 ALLOW Service (SSH) - it doesn't work unless System - SSH Access - Enable Secure Shell Access is turned on. The problem is that I don't want SSH to be turned on Red interface at all. Any suggestions? Thanks in advance :)

Title: Re: SSH on Green Interface
Post by: StephanSch on Tuesday 13 October 2009, 06:02:52 am

If you don't create a firewall rule for RED you cannot access SSH on RED.

Title: Re: SSH on Green Interface
Post by: euser on Tuesday 13 October 2009, 07:18:35 am

Thanks for answering so quickly!
I don't have any rules under System Access for Red zone. I only have a rule for SSH access <ANY> GREEN TCP/22 ALLOW. SSH doesn't work for any zones unless System - SSH Access - Enable Secure Shell Access is turned on. When it's turned on I CAN access my EFW via SSH with public IP - not good in my case... Any additional thoughts??

Title: Re: SSH on Green Interface
Post by: danodemano on Tuesday 13 October 2009, 09:54:34 am

Not that this is a huge help...but doesn't SSH require TCP AND UDP (This was always my understanding....for what little it's worth)? I have mine working just fine and it is not accessible from the outside....though I forward port 22 through to my Linux system on the other side so that may be part of it. What's funny is that I have NO system rule at all for SSH and my internal network and it works without a problem. I do have a rule to allow IP from the subnet where I work (permanent end-to-end VPN tunnel) and it works just fine:

10.37.56.0/22 <ANY> TCP+UDP/22 ALLOW Allow SSH from Conelec subnet

Title: Re: SSH on Green Interface
Post by: euser on Friday 16 October 2009, 02:59:08 am

Thank you all. Problem is resolved