 From:  thorsten at vfl3 dot de (Thorsten Schmale)
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] RE: SSH rule does not work
 Date:  Mon, 10 Sep 2007 16:43:43 +0200
Hi,

You specified port 22 as the source port. The SSH connection will go
to port 22, but the source port is variable.
You have to specify "any" there.

Best,
Thorsten

On 10/09/07 16:37 +0200, Brieseneck, Arne, VF-Group wrote:
> Hi all,
>
> it seems as if my ssh rule for traffic coming from WAN towards a
> server in LAN does not work.
>
> The configuration is very simple. And without the rule deny
> which should allow this traffic and an any-any therefore it is working.
> So routing etc. is fine.
>
> This is the config:
> TCP   10.5.40.34:22  --> 192.168.50.90:22
>
> and the flow back is allowed in the LAN section:
> * LANnet:*  --> *:*
>
> But here is the error:
> denied 1632:45364880   WAN   10.5.40.34:4502  --> 192.168.50.190:22
>
> This sounds strange to me, because SSH only needs port 22 and no
> passive ports like FTP.
>
> Has anyone a hint?
>
> Thanks a lot for your help

--
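
The mismatch described in the reply, as an added example that is not part of the original thread: a small Python matcher (the `Rule` class and the function names are hypothetical, not m0n0wall code) checks the posted rule against the denied packet from the log. As typed in the post, the rule's destination is 192.168.50.90 while the log line shows 192.168.50.190, so the matcher reports that field as well.

```python
import re
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Rule:
    src: str
    sport: str  # a port number or "any"
    dst: str
    dport: str


# Address:port pairs around the "-->" arrow, as in the log line quoted in the post.
FLOW_RE = re.compile(r"(\d+(?:\.\d+){3}):(\d+)\s+-->\s+(\d+(?:\.\d+){3}):(\d+)")


def parse_flow(line):
    """Extract src, sport, dst, dport from a denied-packet log line."""
    m = FLOW_RE.search(line)
    if m is None:
        raise ValueError("no flow found in: " + line)
    return dict(zip(("src", "sport", "dst", "dport"), m.groups()))


def mismatches(rule, pkt):
    """Names of the rule fields the packet does not satisfy ("any" matches all)."""
    return [f for f in ("src", "sport", "dst", "dport")
            if getattr(rule, f) not in ("any", pkt[f])]


# Values copied from the post; the wrapped log line is joined onto one line.
POSTED_RULE = Rule("10.5.40.34", "22", "192.168.50.90", "22")
DENIED = "denied 1632:45364880   WAN   10.5.40.34:4502  --> 192.168.50.190:22"

if __name__ == "__main__":
    pkt = parse_flow(DENIED)
    # The client connects from an ephemeral source port (4502 here), not 22.
    print("rule as posted: ", mismatches(POSTED_RULE, pkt))
    # Source port set to "any", as the reply advises.
    print("source port any:", mismatches(replace(POSTED_RULE, sport="any"), pkt))
```
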