Forwarding non-standard ssh port to standard ssh port internal (remote SFTP Server)

Hi all,

# XG330

I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in
the DMZ (Head Office).
The server is installed, configured and integrated into the DMZ.
The remote client uses an SFTP tool to automatically transfer data with a configured task, using ipaddr:non-standard port.

So I created a DNAT rule as follows:

And I created the firewall rule as follows:

For more security, the client will have to connect with a non-standard SFTP port, then the FW will have to do the port translation of the non-standard port
to the default SSH port, which is 22.
The first connection tests were not successful! Impossible to connect.
Is there anything I forgot?
Are there other particularities to take into account to adjust the configuration?

Thanks



Added TAGs
[edited by: Raphael Alganes at 3:47 PM (GMT -7) on 17 Apr 2024]
  • Seems Service is off: You need to change the Source Port to 1:65335 to include the high ports. If the issue remains, please verify the service port you have added on the firewall rule and NAT rule.

    Test by changing source WAN -> ANY - Destination LAN -> server IP - Service (TCP 1:65335 to SFTP port no) -> any time -> log. Use a linked NAT rule and choose MASQ; I think it should automatically set up the correct interfaces.

    Please post the services object created here with tcpdump and drop packet if the issue remains.

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.
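
A check that can be run from the remote station after each rule change, as an added example that is not part of the thread: it tells a silently dropped connection apart from a refused one and from a successful hand-off to sshd behind the port translation. `probe_ssh` and `start_stub` are names chosen for this example, and the loopback stub with its banner is a constructed stand-in for the DMZ server; in practice `probe_ssh` is pointed at the firewall's WAN address and the non-standard port.

```python
import socket
import threading

def probe_ssh(host, port, timeout=5.0):
    """Return (outcome, detail) for one TCP connect plus SSH banner read."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("timeout", "")   # SYN unanswered: likely dropped on the path
    except ConnectionRefusedError:
        return ("refused", "")   # RST: nothing listens on the translated port
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        data = b""
        try:
            # RFC 4253: the server identifies itself with a line "SSH-2.0-...".
            while b"\n" not in data and len(data) < 255:
                chunk = sock.recv(255 - len(data))
                if not chunk:
                    break
                data += chunk
        except OSError:
            pass  # read timeout or reset: judge by whatever arrived
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    if not line:
        return ("no-banner", "")  # TCP connected, but the far end sent nothing
    # A banner means the NAT rule and the firewall rule both matched.
    return ("banner" if line.startswith("SSH-") else "not-ssh", line)

def start_stub(banner=b"SSH-2.0-ConstructedStub\r\n"):
    """Constructed loopback stand-in for the DMZ server; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print(probe_ssh("127.0.0.1", start_stub(), timeout=2))
```

A `timeout` result is the case where the firewall's drop-packet capture is worth collecting; `refused` or `not-ssh` points at the translated address or port instead.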
