SSH Forwarding Policy Rule
Add a policy rule to allow Egress Forwarding SSH service
- Click Manage -> Security Policy -> Rules
- Find the ruleset name that's associated with the Egress Gateway
- Click the ruleset name
- There is already a rule here to allow the health check traffic from the load balancer on port 65534 (this port number was specified during the Gateway creation)
- Click Create to create a new rule
- A new rule editor opens in the slide over panel on the right
- Add a name to the rule (e.g. any-egress-ssh)
- In the Type dropdown select Forwarding
- In the Service dropdown select egress-fwd-ssh
- In the Source dropdown select any
- In the Destination dropdown select any
- In the Action dropdown select Allow Log. This lets the Gateway accept the traffic and log the flows, which can be checked in the Investigate section of the Valtix Controller
- Leave all the profiles empty (the rules will be enhanced to use these profiles in the later part of the tutorial)
- Click Add
- Click Save to save all the rules and click Yes in the confirmation
- It takes a few seconds to save the policy. Once the ruleset is saved, the Gateway instances pull the ruleset from the Controller during the regular message exchange process