If I have to configure this as any - OK, I've done this - even if it sounds not very secure to me.
The next error shows that it is not working as well:
Deny 16:52:19.585047 LAN 192.168.50.190:22 10.5.40.34:3903 TCP
-----Original Message-----
From: Thorsten Schmale [mailto:thorsten at vfl3 dot de]
Sent: Monday, 10 September 2007 16:44
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] RE: SSH rule does not work
Hi,
you specified port 22 as the source port. The ssh-connection will go to port 22 but the source port
is variable.
You have to specify "any" there.
Best,
Thorsten
On 10/09/07 16:37 +0200, Brieseneck, Arne, VF-Group wrote:
>
>
> Hi all,
>
> it seems as if my ssh rule for traffic coming from WAN towards a
> server in LAN does not work.
>
> The configuration is very simple. And without the rule deny which
> should allow this traffic and an any-any therefore it is working.
> So routing etc. is fine.
>
> This is the config:
> TCP 10.5.40.34:22 --> 192.168.50.90:22
>
>
>
> and the flow back is allowed in the LAN section:
> * LANnet:* --> *:*
>
>
>
>
> But here is the error:
> denied 1632:45364880 WAN 10.5.40.34:4502 --> 192.168.50.190:22
>
>
>
> This sounds strange to me, because SSH only needs port 22 and no
> passive ports like FTP.
>
> Has anyone a hint?
>
>
> Thanks a lot for your help
>
--
Hello, Green voters!
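
An added example (not part of the original thread and not m0n0wall code) that replays the WAN deny log line against the rule as posted and against the same rule with source port "any". It also compares the destination typed in the posted config (192.168.50.90) with the host in the log lines (192.168.50.190); the `Flow` class and helper names are hypothetical, and the third rule is an assumption.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Flow:
    """Source/destination of a TCP rule or packet; 'any' is a rule wildcard."""
    src: str
    sport: object
    dst: str
    dport: object

def _addr_ok(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec, strict=False)

def _port_ok(spec, port):
    return spec == "any" or spec == port

def mismatches(rule, pkt):
    """Return the names of the rule fields that the packet fails to match."""
    checks = {
        "src": _addr_ok(rule.src, pkt.src),
        "sport": _port_ok(rule.sport, pkt.sport),
        "dst": _addr_ok(rule.dst, pkt.dst),
        "dport": _port_ok(rule.dport, pkt.dport),
    }
    return [name for name, ok in checks.items() if not ok]

def verdict(rules, pkt):
    """Default deny: pass only if some rule matches every field."""
    return "pass" if any(not mismatches(r, pkt) for r in rules) else "deny"

# Packet from the WAN deny log line quoted in the thread.
LOGGED = Flow("10.5.40.34", 4502, "192.168.50.190", 22)
# Rule as first posted: source port pinned to 22.
AS_POSTED = Flow("10.5.40.34", 22, "192.168.50.90", 22)
# Source port "any" as advised; destination still as typed in the posted config.
SRC_ANY = Flow("10.5.40.34", "any", "192.168.50.90", 22)
# Assumption: destination changed to the host that appears in the log lines.
SRC_ANY_LOG_DST = Flow("10.5.40.34", "any", "192.168.50.190", 22)

if __name__ == "__main__":
    for name, rule in [("as posted", AS_POSTED), ("src any", SRC_ANY),
                       ("src any, log dst", SRC_ANY_LOG_DST)]:
        print(name, verdict([rule], LOGGED), mismatches(rule, LOGGED))
```

With source port "any" the rule still matches only the one source address and destination port 22, so other sources and other ports remain denied.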