SSH Forwarding Policy Rule

Add a policy rule to allow the Egress Forwarding SSH service

  1. Click Manage -> Security Policy -> Rules
  2. Find the ruleset name that's associated with the Egress Gateway
  3. Click the ruleset name
  4. There is already a rule here to allow the health check traffic from the load balancer on port 65534 (this port number was specified during the Gateway creation)
  5. Click Create to create a new rule
  6. A new rule editor opens in the slide over panel on the right
  7. Add a name to the rule (e.g. any-egress-ssh)
  8. In the Type dropdown select Forwarding
  9. In the Service dropdown select egress-fwd-ssh
  10. In the Source dropdown select any
  11. In the Destination dropdown select any
  12. For Action, select Allow Log. This lets the Gateway accept the traffic and log the flows, which can be checked in the Investigate section of the Valtix Controller
  13. Leave all the profiles empty (the rules will be enhanced to use these profiles in the later part of the tutorial)
  14. Click Add
  15. Click Save to save all the rules and click Yes in the confirmation
  16. It takes a few seconds to save the policy. Once the ruleset is saved, the Gateway instances pull the ruleset from the Controller during the regular message exchange process