Configuring third party firewalls is not covered in this guide. For configuration settings to allow incoming connections to port 22 (the default SSH port) for your firewall check the Port Forward website. If you have problems connecting to the SSH Server over the Local Area Network (LAN) it may well be due to incorrect firewall settings. Opening Port in Windows Firewall. In the advanced security screen, click on the Inbound Rules at the left panel. Click the New Rule at the right panel. In the New Inbound Rule Wizard, Select Port and click Next. Select either TCP or UDP and specify the local port to be opened. Now click Next. Select Allow the connection and click Next.
![Windows Firewall Allow Port 22 Windows Firewall Allow Port 22](/uploads/1/2/5/6/125615547/369313556.jpg)
Alright a bit of a strange issue popped up. We have a marketing company that dials into one of our Windows 7 machines and accesses our CRM to download certain data to compile marketing reports for us. This has been in place for 3 years and has worked well up until about 2 weeks ago.
The service that runs on this box to allow them to do the compiling has to establish 3 outgoing connections to their remote servers one connection on port:443 on connection on port:4048 and one connection on port:22. The connections on ports:443 and:4048 are verifiably established using the netstat command. However the connection on port:22 only happens when they initiate the data mining.
![Allow Allow](/uploads/1/2/5/6/125615547/373119901.png)
The firewall on the windows box is turned off and there is not 3rd party firewall or security software running on it currently. The main fortinet firewall is not preventing any outbound connections on those ports. I do not know where to begin to troubleshoot this because everything I have read says to check the firewall on the local machine and the main network firewall.
Also have run malware scans to see if something of that nature is preventing the connection but the box has come back clean. Thewaytonever wrote:well i know that the fortinet is not. Our Fortinet is managed by GM Dealer IT and I have already placed the call to them to make sure that 22 and 23 are open for outbound on the IP of this box. Before you ask the entire network is static so I know that this is not a issue with it being open on one IP and the IP then changing fubaring up the access rulesBut if the Fortinet isn't managed by you, how do you know something didn't get messed up in it? You can't go in and check it, right? Wrote:thewaytonever wrote:well i know that the fortinet is not.
Our Fortinet is managed by GM Dealer IT and I have already placed the call to them to make sure that 22 and 23 are open for outbound on the IP of this box. Before you ask the entire network is static so I know that this is not a issue with it being open on one IP and the IP then changing fubaring up the access rulesBut if the Fortinet isn't managed by you, how do you know something didn't get messed up in it? You can't go in and check it, right?I agree with Larry. How are the rules setup? Are they blocking port 22 outbound for everything but this static ip or did they say they're not blocking any outbound ports?
Ok I think I may be on to something. I am looking at the netstat data. What I am seeing is that the computer is making the connections to the 209.206.21x.xxx network through nonstandard ports.The connection to 209.206.21x.xxx: 4048 is made on the local machine port 49172The connection to 209.206.21x.xxx: 443 is made on the local machine port 49173Seeing how they are sequential ports the service must be telling the local machine to use these ports. So I was looking for a port 49171 or port 49174I see on port 49171 that there is a connection to a thing called ip131:httpsSo I am thinking if the service is trying to make the connection to 209.206.21x.xxx: 22 on port 49171 that there might be my problem since the port already has an established connection with this ip131:https thing.