CLI access to PA


L4 Transporter

@reaper @BPry @Mick_Ball

 

What could cause a superuser to not be able to ssh to the CLI of the PA?

1 accepted solution

Accepted Solutions

@reaper @BPry @RobinClayton @Mick_Ball

 

The deletion and re-add of the user fixed the issue.


31 REPLIES

Cyber Elite

@jdprovine,

Do you get some sort of error message or does the device simply never respond? 

L4 Transporter

Do you get the login prompt?

@BPry

It simply never responds

@RobinClayton

Nope no login prompt

@jdprovine,

Look in the threat logs for ( id eq 31914 ) and see if the traffic is getting identified as a threat and dropped. Ensure that your management profile wasn't altered to disable SSH access, or that it wasn't disabled on the management port itself. Ensure that if this traffic flows through the firewall it is actually allowed and isn't hitting the default interzone-default deny policy.

 

Does this only happen to one user, or is it anyone who attempts to access the device?

So not limited to super user,

 

 

Using the same IP as the HTTPS interface?

 

 

Device > Setup > Interface > management ( SSH enabled? )

@BPry

I checked and nope, not being dropped as a threat. Management interface is set to allow ssh access. I am not the one who cannot ssh, it is a user that was just elevated to superuser in the last week. I and others can ssh fine to both PAs. I don't see the user being blocked in the traffic monitor, in fact he is in the same zone as the PA.

 

@RobinClayton

Only one user is having this issue and he is a superuser. Yes, same IP as the HTTPS interface.

Device > Setup > Interface > management ( SSH enabled? ) - yes

Cyber Elite

Has the user been able to log into the web interface?

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

If there is no login prompt, is this not affecting all users from the same workstation?

 

 

"I don't see the user being blocked in the traffic monitor, in fact he is in the same zone as the PA."

 

Are they using the dedicated management interface? (Can they ping it?)

 

Are there any IP restrictions on the management interface?

 

 

@reaper

Yes he is able to login to the web interface

L7 Applicator

Hi @jdprovine,

 

Perhaps go back a step: is ping enabled on the management interface?

 

If it is and you can ping the interface, then see if the troubled user can also ping it.

@RobinClayton

Everything is the same for him as it is for me; he is able to use the local superuser admin account and log in fine.

@Mick_Ball

Yes ping is enabled, I will check if he can ping it
