Forum Discussion
NimbostratusSSH failure in f5
Hi All/DC Experts,
I am having trouble right in SSH.
We have VIP private and has a pool member.
This VIP has a public IP (NATTD)
We open ports 22 from the VIP and poolmember but still failing the SSH.
But if we translate the public ip to poolmember IP we are successful in SSH.
Could someone help me on this.
Thank you.
-Nat
4 Replies
youssef1Cumulonimbus
hello,
did you check following points:
VS type = Layer 4
Snat= automap in you VS
VLAN and Tunnel Traffic= All (for the troubleshoot)
You can monitor your pool memeber with a simple TCP monitor and validate that your F5 can reach your backend server.
Check that you receive flow in your F5 and the ssh request is send to backend with a capture (CLI):
tcpdump -nni 0.0 host (you VS IP) and port 22
tcpdump -nni 0.0 host (you backend IP) and port 22
Do this test and let me now if you check all this point...
Regards,
MathewCirrus
If your server gateway is not F5 selfip make sure you have enabled automap on virtual server.
- Seth_Cooper
Employee
Can you please tell us how it is failing? Is the backend sending a reset or a close of some sort or is the traffic not even getting to the backend? A little bit more information about what is failing might help us in telling you why it is failing. 
NathCirrostratus
Seth Hi, My testing was this. I am using winSCP to check if it will pass through. If there is f5 cannot connect to winSCP, but if we remove f5 winSCP prompts username&pass means it is working. Thanks, -Nat
