04-30-2018 01:02 AM
Hi.
I have an ERP server on the inside which must be access from supplier via SSH. Trying both using proxy and no decrypt but always getting Aged out in traffic monitor.
I don't have access to the ERP system but I got the routing printed and it looks ok.
Any ideas what would be causing aged out? Firewall in the *nix machine?
(Trying to get access to the *nix machine and have a look)
Best regards
/Ronnie
04-30-2018 03:03 AM
Sounds like a good theory that the issue is on the server since you can see the session is permitted on the PA.
You could also do a packet capture of the login attempt, this might give you more specific information on where the process is failing.
04-30-2018 01:47 PM
in addition to what @pulukas said,
you can run tcpdump on the *nix machine as well.
SInce it is hosted inside, i am assuming you have made sure of NAT to be working correctly.
~HTH
04-30-2018 03:09 PM
Hello,
Is this over a VPN tunnel? Do the traceroutes look ok, if allowed? When you view the traffic logs, where is it getting dropped as opposed to how your rule is written to allow the traffic.
Please advise,
05-02-2018 02:33 AM
Hi
Got access to the *nix machine.
Guess what, there was an firewall implmeneted (that the supplier didn't know about)
So when this was resolved everything works as expeceted.
thanks for all the replies.
Best regards
/Ronnie
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
