Could it be that he has ARP issues on that switch/router? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 27, 2004 3:28 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Lost ssh access to SPLAT firewall!
Is there anything else in this switch and VLAN other than the firewall and management station? I believe you said in another email they are both on this switch... could be something doing a TCP reset on the ssh port. Regards, Matt Goddard Security Information Team Schneider National 920-592-4787 [EMAIL PROTECTED] |---------+--------------------------------------------> | | "Erik A. Widholm" | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | KPOINT.COM> | | | | | | | | | 10/27/2004 02:36 PM | | | Please respond to Mailing list | | | for discussion of Firewall-1 | | | | |---------+--------------------------------------------> >--------------------------------------------------------------------------- -------------------| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: Re: [FW-1] Lost ssh access to SPLAT firewall! | >--------------------------------------------------------------------------- -------------------| https works fine traceroute works fine ping works fine tcpdump shows [SYN] packets fw monitor shows NOTHING If I issue 'ping -t firewall_address' and then fire up ssh, I'm connected just fine as long as the ping is running. Very odd.... ----- Original Message ----- From: "Previtera, Sal" <[EMAIL PROTECTED]> Date: Wednesday, October 27, 2004 1:12 pm Subject: Re: [FW-1] Lost ssh access to SPLAT firewall! > Can you reach it by HTTPS://firewallipaddress (if multiple > interface...trythem all)? > Have you try traceroute ? > Are you using Smart Defense? > > > -----Original Message----- > From: Erik A. Widholm [EMAIL PROTECTED] > Sent: Wednesday, October 27, 2004 9:19 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Lost ssh access to SPLAT firewall! > > Let's see... > > Mgmt station can both accept logs and push policies > > My connection attempts don't register in the logs at all. > > ----- Original Message ----- > From: Mike Feetham <[EMAIL PROTECTED]> > Date: Wednesday, October 27, 2004 8:40 am > Subject: Re: [FW-1] Lost ssh access to SPLAT firewall! > > > Erik, > > > > Start with the obvious. Is your firewall log showing your SSH > > connectionattempts as accepted or dropped? I'm assuming your > > management console can > > still communicate with the gateway (policy pushes, etc). > > > > > > -----Original Message----- > > From: Mailing list for discussion of Firewall-1 > > [EMAIL PROTECTED] On Behalf Of Erik A. > > Widholm > > Sent: Wednesday, October 27, 2004 7:54 AM > > To: [EMAIL PROTECTED] > > Subject: [FW-1] Lost ssh access to SPLAT firewall! > > > > I lost ssh access to our FW-1 box (R55 FHA_09) a few days ago, and > > cannotget it back. > > > > The source IPs for the connection have not changed! > > > > Additional details: > > 1. the management station used to be able to ssh to the FW1 > > module, but is > > no longer capable of doing so > > 2. the FW1 module used to be able to ssh to the management > > station, but is > > no longer capable of doing so > > 3. the FW1 module shows sshd running (ps -ef) > > > > Very perplexing.... > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
