Hello!
I've configured our firewalls (FW-1 4.1 eval box, plus a production BSD box
running FWTK in parallel) to allow outbound telnet and ssh. Outbound
telnet works fine. SSH, however, does not work (and I've tried it on the
standard ssh port, plus my reassigned ssh port). The port is allowed in
the FW-1 rules, and the log indicates that the traffic is permitted. The
problem is that the request ends up going nowhere, with the very next
packet in the log being a rejected incoming icmp type 6 reply directed at
the FW-1 external interface. Origin of this packet is (I think) a router
further upstream.
Now, I mentioned that telnet works. I can telnet from behind both of our
firewalls to my Linux box. A friend has SSH on his box configured on port
23, and from my box, I can telnet to his, port 23 and get the initial SSH
message. However, from behind our firewalls, I cannot telnet to his box,
port 23.
What could be going on here? If telnet works, should I not be able to
telnet to the remote SSH server on port 23 and at least get the initial
message?
Cheers!
Jon
-----------------------------------------------------------------
Jon Earle (613) 612-0946 (Cell)
HUB Computer Consulting Inc. (613) 830-1499 (Office)
http://www.hubcc.ca 1-888-353-7272 (Within Canada/US)
"God does not subtract from one's allotted time on Earth,
those hours spent flying." --Unknown