Issue/Introduction:
I have followed TECH242662 and TECH242659 , but SFTP is still not working through an Explicit proxy.
I have configured TCP tunnel listener on port 22 (under proxy services), and also configured forwarding host for SFTP on tcp port 22 but still not working.
Resolution:
In this situation, please apply following changes (understanding TECH242662 OR TECH242659 have already been applied)
- From the Management Console, go to Services > Management Services.
- On the right panel, select SSH - Console, and click Edit
- Select Listener with port is 22, and click Edit.
- Change that port from 22 to another port which is not being used for any other proxy services (4000-5000 preferred).
- Click OK > click OK again > finally click Apply.
Then, try to connect to SFTP host again using FileZilla; follow TECH242662 or TECH242659.
Notes:
- Make sure to make necessary configuration changes if the ProxySG,SW VA, ASG appliance is connected to Management Center (as port 22 will no not be used for SSH console after following above steps).
- After applying the above changes, ProxySG, SWG VA, ASG CLI can be accessed via the port configured in step 4.
- Create an appropriate rule in the VPM to allow SFTP traffic if the default Proxy default policy is deny.