SSH failure in f5

Question

Hi All/DC Experts,&nbsp;
I am having trouble right in SSH.&nbsp;
We have VIP private and has a pool member.&nbsp;
This VIP has a public IP (NATTD)&nbsp;
We open ports 22 from the VIP and poolmember but still failing the SSH.&nbsp;
But if we translate the public ip to poolmember IP we are successful in SSH.&nbsp;
Could someone help me on this.&nbsp;
Thank you.&nbsp;
-Nat&nbsp;

youssef1 · Answer

hello,&nbsp;
did you check following points:&nbsp;
VS type = Layer 4&nbsp;
Snat= automap in you VS&nbsp;
VLAN and Tunnel Traffic= All (for the troubleshoot)&nbsp;
You can monitor your pool memeber with a simple TCP monitor and validate that your F5 can reach your backend server.&nbsp;
Check that you receive flow in your F5 and the ssh request is send to backend with a capture (CLI):&nbsp;
tcpdump -nni 0.0 host (you VS IP) and port 22&nbsp;
tcpdump -nni 0.0 host (you backend IP) and port 22&nbsp;
Do this test and let me now if you check all this point...&nbsp;
Regards,&nbsp;

mathew · Answer

If your server gateway is not F5 selfip make sure you have enabled automap on virtual server.&nbsp;

seth_cooper · Answer

Can you please tell us how it is failing?  Is the backend sending a reset or a close of some sort or is the traffic not even getting to the backend?  A little bit more information about what is failing might help us in telling you why it is failing.

nath · Answer

Seth Hi,

My testing was this. I am using winSCP to check if it will pass through.
If there is f5 cannot connect to winSCP, but if we remove f5 winSCP prompts username&amp;pass means it is working.

Thanks,

-Nat

Forum Discussion

SSH failure in f5

4 Replies

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Enable telnet on SSH

Monitoring Failure OAuth request

Add ssh-rsa to 17.1.1 host key algorithm

Mitigating OWASP Web Application Risk: Security Logging & Monitoring Failures using F5 XC Platform

Mitigating OWASP Web Application Risk: Identification and Authentication Failures using F5 XC