02-08-2023 04:11 AM
Hi guys,
I have FCM with 2 clusters of FPR (active-standby), as you can see on the screen:
I am not able to connect with SSH. I tried connecting with SSH (PuTTY) to all four IP addresses (192.168.5.38, 192.168.5.34, 192.168.5.37, 192.168.5.33), but without success. Also, I can't telnet to port 22. (In Event Viewer I find nothing.)
I already made an access rule for connecting with SSH and the web (HTTPS):
Also, I already added my IP address here:
P.S. Web works, but SSH does not work.
So can you please tell me whether there is somewhere else I must add my IP for SSH access?
Thank you.
02-08-2023 06:06 AM
From the FMC Advanced Troubleshooting menu for the device, use the FTD CLI menu show option and verify the ssh-access-list. Here's what it looks like from the CLI of a working device:
> show ssh-access-list
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp anywhere anywhere state NEW tcp dpt:ssh
>
02-08-2023 12:02 PM
By default there is no restriction for access to the management interface on the FTDs. Are you sure that you have connectivity to those IPs? If you allow ping in the firewall from your source PC's IP to the management interface IPs, if they are on different networks, are you able to ping them?
By the way, the first image you posted about the access list is for access to the FMC and not to the FTDs.