This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is there any way to change ssh access allowed networks through serial console

Hi

We have recently migrated from UTM625s to SG550s.  The UTMs are no longer licensed but we would like to get some http logs off them.  Because the SGs were set up with the same network config we can't put the UTMs back on the network.  Ideally I would like to be able to use WinSCP to the management interface to copy the logs.  However the local subnet is not included in the allowed networks for ssh access.  Before having to set up a spare router to get access I was wondering if there is a way to add a new address to the allowed networks through the serial console?

Kind regards
Louise Atyeo



This thread was automatically locked due to age.
  • Hi Louise and welcome to the UTM Community!

    If you don't already have access via the serial console, you can plug in a monitor and USB keyboard to access the console.

    Assuming that you wanted to add "Internal (Network)" to SSH Allowed Networks, from the command line as root:

    cc get_object_by_name network interface_network 'Internal (Network)' | grep \'ref\'

    If you've had those 625s for awhile, you will probably get a result like: 'ref' => 'REF_nuSwABYbAt',

    Now, enter the following commands one line at a time:

    cc
    ssh
    allowed_networks@
    +REF_nuSwABYbAt
    exit

    Finally, check your work with:

    cc get ssh allowed networks

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you Bob, that worked like a dream.  Much appreciated for taking the time to respond.

    Kind regards

    Louise