[gfont96]

Hello again,

I put both services in seperate rules to see which is it was picking up on and try to identify which version of SSH may have been installed on the client PC. I only want to use SSHv2.

If I used only ssh_v2 then I would see one accept in the log and then an alert saying SSH version 1.x blocked. The client PC's are definately running version 2 (I am told !, but then I am told a lot which isn't quite true.)

I am just having trouble understanding why creating an identical service, but ticking, the match for any box makes it work.

I am wondering whether part of the SSH communication is version 2 but then either downgrades to version 1 because of the client or the second part (certificate transfer ?) takes place in version 1.

It's no big deal as ticking the match for any seems to make it all work, just interested in why really.

Thanks again for your help.

George