Security / SD-WAN. I cant telnet or SSH

samgbuyi
Getting noticed

Security / SD-WAN. I cant telnet or SSH

Meraki is blocking me from telnet or SSH into other devices, please anyone with possible assistance as to how i can correct this should please respond asap.

 

Thanks 

17 REPLIES 17
SoCalRacer
Kind of a big deal

Are you and all the devices you are trying to ssh from and to behind the MX (local traffic)? Same VLAN?

yes

Hi @samgbuyi 

 

If the src and dst are on the same vlan that resides behind the MX there would be no enformement being done on the MX as there is no L3 involved.

 

I believe you problem is in relation to something else. I'm certain you will have the same result if you unplug the lan interface on the MX from your switch.

 

Perhaps check the server itself.

 

i do experience it only when i have the MX on, if i disconnect the MX i can telnet and ssh to all device

Is your MX in passthrough mode and in between the computer and the SSH devices?

yes its in between the system and the device 

MX to switch

WLC to switch

Router to switch basically for VoiP

Can you also confirm if the MX is in passthrough mode?

its Routed mode and not Passthrough
SoCalRacer
Kind of a big deal

As @BrechtSchamp asked if the MX is in passthrough will help determine the issue. Below you can check that setting.

 

Security & SD-WAN > Configure > Addressing & VLANs > Deployment Mode - Will be Routed or Passthrough

it is Routed

Routed
cmr
Kind of a big deal
Kind of a big deal

As it is routed it must be separate VLANs either side.  Are you on the WAN side, or the LAN side?  Is the device you need to say/telnet to on the WAN side or the LAN side?

samgbuyi
Getting noticed

Separate VLAN either side like how?
I am trying to connect from my laptop which is on WAN
SoCalRacer
Kind of a big deal

Disable IDS or turn it down

Security & SD-WAN > Configure > Threat protection

 

still the same

I have the same problem. Content filtering is disabled. I can ping the host, but i cannot SSH into it.

 

There is no firewall rule blocking the port.

 

And, when i take off the MX (MX67), i can SSH into the device perfectly.

Nick141Tech
New here

I'm having the same issue. "Content filtering is disabled. I can ping the host, but i cannot SSH into it. There is no firewall rule blocking the port. "

 

Removing our MX85 allows SSH connections to function. I'm attempting to SSH into our router connected to the WAN side of the MX95.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels