SPS as Gateway for Termius SSH connections

Hello Experts,

I've seen SPS can act as a gateway for connections coming from 3rd party client tools like termius etc. I've seen the SPS guide and did the configuration by creating a new connection (another IP) in SPS controls and added LDAP for integration. I'm stuck at the SPS not asking for gateway credentials as it is supposed to. Anyone else achieved this and are there any additional configuration needs to be done? everything is working fine when going from SPP safeguard client, this issue is only for this integration sps initiated.

Kind Regards,

Osman Yousuf

Parents Reply Children
  • Hi Osman,

    The first connection policy that has a match will be the one used from top to bottom order if both have the same port.

    Another workaround is you can switch the ports around to have the safeguard_default use the port 24 (that way sessions that are launched via SPP initiated will use that port automatically) and then use port 22 on SPS initiated so that you don't have to change the port on the client side manually? 

    Thanks!

  • Hi Tawfiq , But in this case if I change for safeguard default to use 24 then any connection from SPP entitlements will use 24 for all backend assets right?

  • Hi Osman,

    the backend assets will still use port 22 but here we would be changing how the client connects to SPS connection policy, for example:

    SPP Initiated:
    Launch session from SPP > SSH client will connect to SPS using connection policy (safeguard_default) on port 24 then SPS will connect to target asset using inband destination selection on port 22 which can remain the same.

    SPS initiated:
    SSH client will connect to SPS using connection policy (the second one) on port 22 then SPS will connect to target asset using inband destination selection on port 22 which can remain the same.

    So for both connection policies the ( SPS > target backend assets) can remain as port 22 which is defined under Target > inband destination selection inside the connection policy but we are only changing it for the connection policy which only affects (Client > SPS) connections.

    Thanks!