[ATP/FLEX] How to access SSH service of Nebula Firewall?
Zyxel Employee
Scenario:
Sometimes, when troubleshooting network issues, we might need to access a device via SSH. You can follow the steps below to access the device's SSH service for troubleshooting.
Steps:
You may skip step 1) if you access SSH service from LAN interface of the device.
1) Create a security policy to allow SSH service from wan interface. By default, it is unable to access device SSH service from wan interface when the device is managed by nebula. There is no Implicit firewall rule to allow device SSH access from wan.
Go to Configure > Firewall > Security Policy.
In Implicit allow rules, there is no implicit rule to allow SSH access from wan to Device TCP 22 port
Click Add to create a security policy rule to allow SSH access from Wan.
Action = Allow
Protocol = TCP
Source = Any
Destination = Device
Dst Port = 22
*For security concern, we strongly suggest you add trusted IP to Source IP, instead of any.
Click Save to commit setting to Nebula.
2) Go to Configure > Site settings to check local credentials.
3) SSH into the device and log in with local credentials. You can debug via the CLI in the SSH terminal.
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 154 Nebula Ideas
- 103 Nebula Status and Incidents
- 5.9K Security
- 307 USG FLEX H Series
- 284 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 256 Service & License
- 397 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 77 Security Highlight