
can't get SSH access working - UTM 9

I've tried using password and RSA key to get ssh access working.

Both fail when I try to open a PuTTY session.

Instead of getting the following EXPECTED message:

I get this in both cases:

Am using "Any" as allowed network for now (will change it once I get it working)

What am I doing wrong?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi,

    Thank you for reaching out to Sophos Community.

    This seems to be an issue with the PuTTY application itself.

    Try downloading a fresh putty.exe client, or you can also try to log in to SSH from a different device.

  • So while it wasn't working when I was ssh-ing to it via remote IPsec site-to-site VPN, when I moved it back locally and used the internal network, it worked.

    So there seems to be something wrong with the allowed network config or functionality. I did allow the VPN LAN but it clearly didn't work.

    See screenshot. What am I missing? 

  • FormerMember
    +1 FormerMember in reply to Jean Thibodeau

    Could you please confirm that the remote gateway is not intercepting the SSH (port 22) traffic?

    Try checking packet flow on UTM for remote source machine IP or on port 22.

    You may run the below commands in shell to check packet flow.

    ==> port 22

    utm:/root # tcpdump -nei any port 22

    ==> On remote host

    utm:/root # tcpdump -nei any host <JT LAN machine IP>

    eg: utm:/root # tcpdump -nei any host 192.168.10.5
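
One way to read the output of the captures suggested in the reply above, as an added example that is not part of the thread and not Sophos code: it classifies each port-22 TCP handshake found in `tcpdump -n` text. The sample lines are constructed, and apart from 192.168.10.5 the addresses and all function names are assumptions.

```python
import re
from collections import defaultdict

# Matches the TCP part of a `tcpdump -n` line; the link-layer prefix that
# -e and "-i any" put in front of it varies by version and is ignored.
FLOW = re.compile(r"(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]*)\]")

# Constructed sample capture: a remote client whose SYN is retried, a local one that is answered.
SAMPLE = """\
10:15:01.000001  In 00:11:22:33:44:55 ethertype IPv4 (0x0800), length 76: 192.168.10.5.51514 > 192.168.1.1.22: Flags [S], seq 100, win 64240, length 0
10:15:02.000001  In 00:11:22:33:44:55 ethertype IPv4 (0x0800), length 76: 192.168.10.5.51514 > 192.168.1.1.22: Flags [S], seq 100, win 64240, length 0
10:15:09.000001  In 00:aa:bb:cc:dd:ee ethertype IPv4 (0x0800), length 76: 192.168.1.20.40022 > 192.168.1.1.22: Flags [S], seq 7, win 64240, length 0
10:15:09.000090 Out 00:1a:8c:00:00:01 ethertype IPv4 (0x0800), length 76: 192.168.1.1.22 > 192.168.1.20.40022: Flags [S.], seq 9, ack 8, win 65160, length 0
""".splitlines()

def ssh_flow_verdicts(lines, port=22):
    """Map each (client, server) pair seen on `port` to a handshake verdict."""
    events = defaultdict(set)
    for line in lines:
        m = FLOW.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if int(dport) == port and flags == "S":
            events[(src, dst)].add("syn")        # client -> server SYN
        elif int(sport) == port and flags == "S.":
            events[(dst, src)].add("synack")     # server -> client SYN-ACK
        elif int(sport) == port and "R" in flags:
            events[(dst, src)].add("rst")        # reset sent from port 22
    verdicts = {}
    for pair, ev in events.items():
        if "synack" in ev:
            verdicts[pair] = "answered"      # TCP path works; look at sshd/auth next
        elif "rst" in ev:
            verdicts[pair] = "reset"         # connection refused with an RST
        else:
            verdicts[pair] = "unanswered"    # SYN reached this capture, no reply seen
    return verdicts

def verdict_for(lines, client, port=22):
    """Verdict for one client IP; "absent" means no SYN from it reached this capture."""
    hits = [v for (c, _), v in ssh_flow_verdicts(lines, port).items() if c == client]
    return hits[0] if hits else "absent"
```

Run on the UTM's capture, "absent" for the remote machine points at something upstream of the UTM (the remote gateway asked about above), while "unanswered" means the SYN arrived and the missing reply has to be explained on the UTM side or on the return path.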

  • So I did have to enable SSH traffic over the VPN connection on the SonicWall side and that was part of the initial fix. The real bigger problem, I think, might be related to a RAM issue that appears to be responsible for a number of intermittent problems.

    I fixed the RAM issue (new RAM - fully tested with memtest) and did a reset/restore but because some of the problems still seemed to happen, I ended up doing a complete reinstall. Since then - though it hasn't been that long - everything has worked fine from the start.

    Thanks for the tips, though. I will be able to use them if it happens again, or for other issues.

  • Seems the issue might be related to double NAT'ing. A packet capture I did using my SonicWall router pointed to it dropping some packets for the following reason:

    https://www.sonicwall.com/support/knowledge-base/how-can-i-resolve-drop-code-cache-add-cleanup/180118173647344/

    At the end of the article it says "a double NAT condition may cause the firewall to drop the traffic as "Cache Add Cleanup" due to the change in the packet header.". 

    I am double NAT'ing at the site with the Sophos UTM.
