I have an X460-G2 on firmware 220.127.116.11.
I want SSH access to only be available from VR-Mgmt, so I have configured as follows:
enable ssh2 vr VR-Mgmt
If I attempt to SSH to the device using an IP that belongs to VR-Default, while I can’t log in I do get an SSH login prompt. Additionally if I use portqry to probe port 22 the port is returned as ‘listening’. The addresses in question are accessible from the internet so this is not really acceptable from a security standpoint.
I have already disabled SSH and re-enabled specifically specifying VR-Mgmt.
Firstly - how can I prevent all SSH repsonse on VR-Default? Port 22 should not be seen as open.
I do not wish to restrict access to specific IP addresses - it should be allowed from VR-Mgmt and nowhere else.
Secondly - surely this behaviour is a bug and there should be no response on VR-Default? Why would the device respond when SSH is specifically only enabled on VR-Mgmt?