IPv6 SSH

Leave a reply

IPv6 SSH

FortiGate supports SSH traffic through IPv6. When the proxy option is set to ssh in a proxy policy, IPv6 source and destination address options become available and SSH profiles can be assigned to IPv6 firewall policies.

Syntax in IPv6 firewall policy

config firewall policy6 edit 1 set utm-status enable set ssh-filter-profile <example> end

Syntax in proxy policy

config firewall proxy-policy edit 1 set proxy ssh set srcaddr6 “all” set dstaddr6 “all” end

Logging

When a proxy policy is being used, SSH traffic logs are generated by wad instead of the kernel.

This entry was posted in Administration Guides, FortiGate, FortiOS 6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.