Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 2 subscribers
  • Views 3805 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSH rule not working

exceedme
I want to transfer a file from my Sophos UTM firewall to an internal Linux server with scp from the Sophos shell.

I have a rule that allows ssh traffic from 192.168.1.1 (Sophos inside int) to my internal Linux server 192.168.1.100. When I try to run my scp command as root the firewall blocks that attempt for some reason.

scp text.txt linux@192.168.1.100:/home/linux


This thread was automatically locked due to age.
Parents
  • 0
    Can you show a screenshot of your firewall rule and the according log line from the full firewall log (not live log)?
  • 0 in reply to scorpionking
    2014:12:12-13:46:44 sophos ulogd[3226]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth1" srcmac="00:22:4d:a4:52:1a" srcip="192.168.1.1" dstip="192.168.1.100" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="55044" dstport="22" tcpflags="SYN" 

    2014:12:12-13:46:46 sophos ulogd[3226]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth1" srcmac="00:22:4d:a4:52:1a" srcip="192.168.1.1" dstip="192.168.1.100" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="55044" dstport="22" tcpflags="SYN"
Reply
  • 0 in reply to scorpionking
    2014:12:12-13:46:44 sophos ulogd[3226]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth1" srcmac="00:22:4d:a4:52:1a" srcip="192.168.1.1" dstip="192.168.1.100" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="55044" dstport="22" tcpflags="SYN" 

    2014:12:12-13:46:46 sophos ulogd[3226]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth1" srcmac="00:22:4d:a4:52:1a" srcip="192.168.1.1" dstip="192.168.1.100" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="55044" dstport="22" tcpflags="SYN"
Children
No Data