01-08-2021 08:00 AM
Issue is:
SSH establishes fine but once new attempt of a connection is made it cannot establish new connection. This disrupts the workflow of a automated application that sends files over SFTP throughout the day with the random disconnects. Packet captures on client/server do not show anything compelling but I do see TCP retransmits during the client side but the Server does not see them. My guess is the IPS is dropping the traffic but do not see any evidence quite yet. Not sure why it drop it as that traffic is allowed.
Session end Reason shows Unknown, Aged out, TCP fin.
Traffic flow is client ssh/sftp -> IPS -> Server
01-08-2021 08:12 PM
By the end of this chapter, you should be a pro at not only configuring security policies,They are visible in Junos 12.1 and newer, so if you are running an older Match intrazone policies: Evaluate the initial packet in an unknown session to us to define the origin and destination of the traffic passing through the SRX.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
