Quote:
Originally Posted by avilT
Yes, I do have the stealth rule and ssh is now allowed as I have access lists on the internet routers as well. Why is the source IP not logged?
Not too sure... I once encountered on R62 UTM-1 that allowing Check Point management connections opens up the ssh too!!...
Did you log the stealth rule?? Ensure the rules are right on top, but below your VPN rules, mgmt rules etc...
Is the logging for the other rules working?? If so, I would think that the stealth rule is not logged...
Try to ssh into your firewall... then do "fw ctl zdebug drop", then try running an ssh from the internet and see if it's logged. You can also do the same with tcpdump or fw monitor...