Re: Edge Router - Remote Management Best Options - VPN / Non VPN?

---

agidi wrote:

 

 i cant get the darn "simple"  port 22 rule working.  deamon, keypair, tunneling  .   lol

 

---

Because it's wrong

Change this:

         rule 20 {                                                              
             action accept                                                      
             description remoteadmin                                            
             destination {                                                      
                 address 192.168.0.253                                          
                 port 22                                                        
             }                                                                  
             log disable                                                        
             protocol tcp_udp
         }     

To this:

         rule 20 {                                                              
             action accept                                                      
             description remoteadmin                                            
             destination {                                                      
                 port 22                                                        
             }                                                                  
             log disable                                                        
             protocol tcp_udp
         }     

and bob's your uncle.

Oh, while you're at it - switch to SSH key auth as well.  My link got borken, so will have to hunt.

From memory, it's pretty simple.

configure
loadkey <username> <file>
set service ssh disable-password-authentication

Note you have to copy the key to the ER first (e.g. with scp).