I have SSH access to our system. However, someone on my staff in my office gets a connection refused when he attempts to connect. Is there a restriction somewhere I have overlooked?
Rick Duvall
LLUMC
Can you please provide more detail on what you are connecting to, where you are connecting from, and any AAA services being used?
Connecting to VM installation of LEM. I am connecting from A.B.13.66 without issue. He is connecting from A.B.13.197. LEM IP is A.192.102.193. He gets an immediate connection refused without a chance to enter credentials.
Check to make sure you have authorization to connect, such as ACLs, group policy, and such.
I’m sorry if I wasn’t clear.
To my knowledge there are no network issues preventing this staff member from reaching the system. He can run the web GUI without issue. Are there settings within the LEM appliance build or application that limit the IP addresses it will accept SSH connections from? I cannot locate anything in the documentation regarding controls on SSH.
The LEM appliance listens for SSH on port 32022 instead of 22, so that might be your first thing to validate (easy mistake).
If you haven't done a "restrictssh" on the appliance (off by default - that lets you whitelist only certain IPs), my next guess would be that their forward/reverse DNS might not match. Sometimes we see the SSH server reject connections where the hostname they say they are coming from doesn't match the hostname reverse looked up by their IP (e.g. if you're connecting from machine1.domain.local 192.168.1.22, nslookup 192.168.1.22 returns machine2.domain.local, it may reject the connection).
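The two checks suggested in the reply above, written out as an added example that is not part of the original thread: a TCP probe that tells "refused" apart from "timeout" on ports 22 and 32022, and a forward/reverse DNS consistency check. The function names, the constructed DNS records and the host `lem.example.internal` are assumptions for illustration.

```python
import socket

LEM_SSH_PORT = 32022  # port named in the reply above; 22 is the usual SSH default

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt: open, refused, timeout or error."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"   # host reachable, nothing listening on that port
    except socket.timeout:
        return "timeout"   # usually a filter silently dropping packets
    except OSError as exc:
        return f"error: {exc}"

def system_reverse(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:
        return set()

def dns_matches(client_ip, claimed_name, reverse=system_reverse, forward=system_forward):
    """True when the PTR name equals the claimed name and resolves back to client_ip."""
    ptr = reverse(client_ip)
    if ptr is None:
        return False
    same_name = ptr.rstrip(".").lower() == claimed_name.rstrip(".").lower()
    return same_name and client_ip in forward(ptr)

# Constructed records reproducing the mismatch described in the reply above.
PTR = {"192.168.1.22": "machine2.domain.local"}
A = {"machine1.domain.local": {"192.168.1.22"}, "machine2.domain.local": {"192.168.1.23"}}

def demo_dns():
    return dns_matches("192.168.1.22", "machine1.domain.local", PTR.get, lambda n: A.get(n, set()))

if __name__ == "__main__":
    print("DNS consistent:", demo_dns())
    # "lem.example.internal" is a placeholder; substitute the appliance address.
    for port in (22, LEM_SSH_PORT):
        print(port, probe("lem.example.internal", port))
```

Run from the affected workstation, an immediate "refused" on 22 alongside "open" on 32022 points at the client using the wrong port rather than at an IP restriction.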
It was the port 32022 issue. That fixed the problem.