Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
612
Views
0
Helpful
0
Replies

5506 FTD ssh access to management IP Address

jaestes
Level 1
Level 1

‎06-05-2018 10:04 AM - edited ‎02-21-2020 07:51 AM

I have a Lab setup where there is a FMCv, FPR-2110-FTD, FPR4110-FTD, 5515 W/Firepower Services, and 5506-FTD.  All the FTD devices us an IP Address in the 10.239.1.0/24 network assigned to the management interface to communicate with the Manager (FMC).  All the FTD devices have a diagnostic interface with a separate IP Address in the same 10.239.1.0/24 network used for SNMP and as the Syslog Source.  The 5506-FTD and FPR4101-FTD are in the same domain, use the same Platform Settings, and the same Access Control Policy on the FMC.  I can access the FPR4110-FTD management IP Address via ssh from outside the Lab subnet just fine.  I can perform snmpwalks to the 5506-FTD diagnositc IP Address from outside the Lab subnet just fine, however I can only ssh to the 5506-FTD management IP Address from within the 10.239.1.0/24 subnet.  Captures show ssh request coming in for access to the diagnostic IP Address which of course is not allowed, but nothing from the same source to the management IP Address unless as I stated it is from within the 10.239.1.0/24 network.  Any ideas?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card