login about faq

I trying set up rules for a concection SSH : allows a client connect to a server through Guardian (in router mode ) . I found a very interesting , when I enable a polices permitted client to access the server by SSH , but that client still can't connect to server . then , I disable that polices , client connect ok The problem similar to RDP , TelNet ,

I dont understand , default, the police rules TECTIA Guaradian is set so , or I was wrong configution

asked Dec 21 '11 at 11:22

haiqua's gravatar image

haiqua
1223

edited Dec 22 '11 at 20:36

Roman's gravatar image

Roman ♦♦
7735817


Hi,

A simple troubleshooting tip for SSH connections in Tectia Guardian:

SSH Control > Global Options

Set the "Verbosity level" to 4, and press "Commit".

Now go to:

Basic Settings > Troubleshooting > View log files

Test The connection again, and press select "Logtype: SSH", and press "Tail".

You will now get information regarding the failure.

Another question I have, is what client you are using? Tectia Guardian only supports SSH 2.0 clients.

Thanks, James

link

answered Dec 21 '11 at 11:43

jamesw's gravatar image

jamesw ♦♦
468815

thank very much! I have dont so , and I get results :

2011-12-22T17:13:17+07:00 offline zorp/scb_ssh[3178]: core.session(3): (svc/ssh:4): Starting proxy instance; client_fd='15', client_address='AF_INET(192.168.1.5:1056)', client_zone='Zone(internet, 0.0.0.0/0)', client_local='AF_INET(172.16.0.2:22)', client_protocol='TCP'
2011-12-22T17:13:17+07:00 offline zorp/scb_ssh[3178]: core.policy(1): (svc/ssh:4): Inbound service not permitted (cached); service='ssh', client_zone='Zone(internet, 0.0.0.0/0)', client='AF_INET(192.168.1.5:1056)', server_zone='Zone(local, 192.168.1.1/32)', server='AF_INET(192.168.1.1:22)'
2011-12-22T17:13:17+07:00 offline zorp/scb_ssh[3178]: core.policy(1): (svc/ssh:4): Inbound service not permitted; service='ssh', client_zone='Zone(internet, 0.0.0.0/0)', client='AF_INET(192.168.1.5:1056)', server_zone='Zone(local, 192.168.1.1/32)', server='AF_INET(192.168.1.1:22)'
2011-12-22T17:13:17+07:00 offline zorp/scb_ssh[3178]: core.policy(1): (svc/ssh:4/ssh): DAC policy violation; info='DAC policy violation: Server connection is not permitted'
2011-12-22T17:13:17+07:00 offline zorp/scb_ssh[3178]: ssh.error(3): (svc/ssh:4/ssh): Error starting SSH transport layer;
2011-12-22T17:13:18+07:00 offline zorp/scb_ssh[3178]: core.session(4): (svc/ssh:4): Ending proxy instance;

(Dec 22 '11 at 10:03) haiqua haiqua's gravatar image

I had a same problem as haiqua, I use the license demo, my log file has lines;

2012-01-18T12:42:57+07:00 guardian zorp/scb_ssh[3223]: core.error(1): (nosession): License error; error='Trying to use an unlicenced component. This is illegal. (component=ssh-proxy)'

Is it a main cause the problem?

link

answered Jan 18 '12 at 07:33

MrTL's gravatar image

MrTL
1

Your licences demo is Expired Menu > Basic > System > License See [ Valid ] field then change date on your computer ,and restart Tectia Guardian machine . It will working.

thanks !

link

answered Jan 19 '12 at 10:24

haiqua's gravatar image

haiqua
1223

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×7

Asked: Dec 21 '11 at 11:22

Seen: 2,190 times

Last updated: Jan 19 '12 at 10:24

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.