Closed
Bug 1061779
Opened 10 years ago
Closed 10 years ago
fwunit1 access to git-internal, srxes
Categories
(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)
Infrastructure & Operations Graveyard
NetOps: DC ACL Request
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: dcurado)
Details
I need a flow for the flow tester..
fwunit1.private.releng.scl3.mozilla.com
-> git-internal.mozilla.org 22/tcp
fw1.releng.scl3.mozilla.net 22/tcp
fw1.scl3.mozilla.net 22/tcp
If the fw1 flows are problematic and would be easier from some other VLAN, I'll be happy to move this host - just let me know.
|
Assignee | |
Updated•10 years ago
|
Assignee: network-operations → dcurado
|
|
Assignee | |
Comment 2•10 years ago
|
||
Dustin -- What happens when you try to ssh to 10.26.75.1 and/or 10.22.75.1 Those are the private IPs of fw1.releng.scl3 and fw1.scl3 Thanks...
Flags: needinfo?(dustin)
|
Reporter | |
Comment 3•10 years ago
|
||
[root@fwunit1.private.releng.scl3 ~]# nc -vz 10.26.75.1 22 ^C [root@fwunit1.private.releng.scl3 ~]# nc -vz 10.22.75.1 22 ^C (no connection, in other words)
Flags: needinfo?(dustin)
|
|
Assignee | |
Comment 4•10 years ago
|
||
This part is in place:
From zone: dc, To zone: private
Source addresses:
fwunit1.private.releng: 10.26.75.128/32
Destination addresses:
git-internal.mozilla.org: 10.22.75.154/32
Application: junos-ssh
IP protocol: tcp, ALG: 0, Inactivity timeout: 86400
Source port range: [0-0]
Destination port range: [22-22]
Still working on the ssh access to the firewalls.|
|
Assignee | |
Comment 5•10 years ago
|
||
OK, let's forget trying to ssh into the firewall directly connected interfaces. If you use their external names... fw1.releng.scl3.mozilla.net and fw1.scl3.mozilla.net, it appears to work now. [dcurado@fwunit1.private.releng.scl3 ~]$ nc -vz fw1.releng.scl3.mozilla.net 22 Connection to fw1.releng.scl3.mozilla.net 22 port [tcp/ssh] succeeded! [dcurado@fwunit1.private.releng.scl3 ~]$ nc -vz fw1.scl3.mozilla.net 22 Connection to fw1.scl3.mozilla.net 22 port [tcp/ssh] succeeded! If this still does not work for you, please re-open. Thanks.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 6•10 years ago
|
||
Rock on -- that was even what I asked for ;)
|
||
Updated•2 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•