Security

 View Only
last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Can SSH From Firewall But Not From Console

This thread has been viewed 5 times

  • 1.  Can SSH From Firewall But Not From Console

    Posted Jan 17, 2023 04:19 AM
    Hi,

    I can ssh into access switch using the below procedure:
    Remote access into firewall-> go into core switch -> then i can ssh into access switch.

    But if I console into the distribution switch, I can ping the access switch
    But I cannot ssh into the access switch.
    What can be the issue?


  • 2.  RE: Can SSH From Firewall But Not From Console

    EMPLOYEE
    Posted Jan 17, 2023 09:41 AM
    What is between those two devices?  Is the traffic being allowed or denied immediately or does it time out?

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------

    Original Message


  • 3.  RE: Can SSH From Firewall But Not From Console

    EMPLOYEE
    Posted Jan 18, 2023 05:20 AM
    Are there any ACLs that might prohibit ssh from the distribution switch vs the core switch? These might exist on the access switch itself?

    Have you got any VLANs set at Primary VLAN or Management VLAN on either of these switches?

    Does the distribution switch have to send its traffic via a different path to the core switch? Does the core switch have an IP interface within the subnet of the access switches management IP address, while the distribution switch must route its traffic through another device (a core switch or firewall)?

    Something is in the way, but we need more information in order to be able to help.
    Original Message