OpenSSH from Windows to a different subnet via M470
I have set up an M470 with 3 interfaces:
- interface#1 : external, which is connected to the ISP
- interface#2 : trusted with IP 192.168.0.252 to network 192.168.0.0/24
- interface#3 : optional with IP 192.168.12.252 to network 192.168.12.0/24
I can SSH from trusted to a machine (192.168.12.3) on the optional interface with Ubuntu and CentOS, but I always get disconnected when using OpenSSH or PuTTY from Windows 10. The latter always succeeds in logging in, but after a while (~10 secs) it always gets disconnected with error 10060.
However, I can SSH normally to 192.168.12.3 via the external network with the same Windows machine. The Firebox is configured with SNAT from external to optional, so I use the ISP IP address.
Comparing the SSH debug output from both Linux and Windows, they differ in IP_TOS 0x10, which is set only by the Linux machine and not by Windows.
- Windows SSH is normal to the same subnet
- Firewall policy for 192.168.12.0 is allowed for port 22
- No firewall policy from 192.168.12.0/24 to 192.168.0.0/24
- I have tried setting the source IP to 192.168.12.252, but it had no effect
- No QoS is set in the Firebox
How can I set the Firebox to be able to SSH locally from the Windows machine?