Closed RepotSirc closed 2 weeks ago
Your jump session will have a source IP that belongs to the jump host, but there are other possible causes of this error besides just the firewall. It's very likely that your ssh server on the jump host is configured to disable forwarding. Check your SSHD server config on the jump host for parameters related to forwarding:
AllowTcpForwarding
PermitOpen
Depending on which SSH implementation you're using, these might vary a bit.
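The check described in the answer above, as an added example that is not part of the original thread: it assumes OpenSSH on the jump host and settings in the lowercase "keyword value" form that `sshd -T` prints. `check_forwarding` is a hypothetical helper name, and the router address 10.20.30.1 is constructed from the subnet in the question.

```shell
#!/bin/sh
# check_forwarding DEST_HOST:DEST_PORT  (hypothetical helper, not part of OpenSSH)
# Reads effective sshd settings on stdin in the "keyword value" form printed by
# `sshd -T` and reports whether a jump to DEST would be accepted.
check_forwarding() {
    dest_host=${1%:*}
    dest_port=${1##*:}
    allow=yes     # OpenSSH default for AllowTcpForwarding
    permit=any    # OpenSSH default for PermitOpen
    while read -r key value; do
        case $key in
            allowtcpforwarding) allow=$value ;;
            permitopen)         permit=$value ;;
        esac
    done
    # A jump opens a direct-tcpip channel, which counts as local forwarding.
    case $allow in
        yes|all|local) ;;
        *) echo "denied: allowtcpforwarding $allow"; return 1 ;;
    esac
    set -f    # keep "*" in PermitOpen entries from being glob-expanded
    for entry in $permit; do
        host=${entry%:*}
        port=${entry##*:}
        if [ "$entry" = any ] ||
           { { [ "$host" = "*" ] || [ "$host" = "$dest_host" ]; } &&
             { [ "$port" = "*" ] || [ "$port" = "$dest_port" ]; }; }; then
            set +f
            echo "allowed: permitopen $entry"
            return 0
        fi
    done
    set +f
    echo "denied: permitopen $permit"
    return 1
}

# Constructed sample: forwarding switched off, as on the jump host in this thread.
printf 'allowtcpforwarding no\npermitopen any\n' | check_forwarding 10.20.30.1:22 || true
# Constructed sample: forwarding limited to SSH on one router address.
printf 'allowtcpforwarding local\npermitopen 10.20.30.1:22\n' | check_forwarding 10.20.30.1:22
```

On the jump host the input would come from `sshd -T` run as root; settings inside `Match` blocks only appear when the connection parameters are supplied with `-C`.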
@andrewschenck, you are right, TCP forwarding is not permitted; I just got confirmation from our system admins.
So I have this setup
PC [192.168.0.0/24] --- jumphost [10.10.10.0/24] --- router [10.20.30.0/24]
In summary, I am able to successfully connect to the jumphost, but when I connect to the router I am getting an "Administratively prohibited" error. The router is configured to only allow SSH connections from the jumphost IP subnet, which is 10.10.10.0/24, and everything else is denied. Now I am getting denied access to the router. Is it possible that the source IP of the SSH connection towards the router is the 192.168.0.0/24 (PC) instead of the jumphost subnet (10.10.10.0/24)?
Below is my code
Output
Error