Rule for SSH

Does the Norton firewall block port 22 unless we create a rule to allow it? If so then I am unable to create a rule that works.

I am trying to SSH from Windows 11 to an Ubuntu VM. When I try to I get:

ssh: connect to host droplet port 22: Connection refused

I tried creating a rule in the Traffic Rules tab of Smart Firewall. I am not sure what to specify; the following is what I tried:

Enabled: Yes
Action: Allow
Protocol: TCP
Profile: All
Direction: IN/Out
Address: {nothing}
Local port: 22
Remote port: 22

What should I do to allow SSH?

@SamRay_Hobbs Is the VM a remote machine or a local VM being hosted? I see no IP addresses listed in your rule settings. Enter that information, reboot and recheck for changes.

SA

It is a remote system. I added the IP address of the system (the IP address that I SSH to) and restarted Windows and I get the same problem. The rest of the rule is as I specified previously.

I think the keys are good. I assume the error would be different if the keys did not match. I have looked at everything I can think of that might be the problem; I hope that the rule is what I need and that I am almost there.

Change the protocol to ALL. Let's see if that gives a different result.

SA

I changed the protocol to all and restarted Windows. Still no success. The next thing to check is my router. My router is not as easy to configure as most. I will configure it and see if that solves the problem. I think the Norton firewall rule was also necessary and thank you for help with that.


I had another problem (totally unrelated) between Norton 360 and SSH over to WSL from the outside internet, when the Windows Ethernet is set to public.

However, I stumbled upon this post dozens of times while I was researching, so I felt I had to reply.

Your problem is setting both ports (Local and Remote at the same time) to 22; that is causing the filter to never see the connection in the first place, therefore the rule itself is never applied.

For Context:

When you initiate an SSH connection from the client side (in your case it's the Windows with Norton on it)

To: a Server Side (in your case it's Ubuntu on a VM)

Ubuntu runs the (sshd) daemon (similar to Windows services), which creates a TCP listener on port 22 on the Ubuntu side.

Notice here that SSH only runs on TCP; unlike Remote Desktop Protocol, SSH doesn't come near UDP.

The Host (Linux) receiving the connection runs the sshd daemon and opens a listener on port 22.

However, the client side (your Windows) is initiating (assuming you use PuTTY) the SSH call from a randomly created port, assigned at the time you connect (through PuTTY for example), and that randomly created port is the local port in your case; no way on earth it would be 22.

The problem with Norton Internet Security is that, like any firewall, it can filter based on both sides of the connection. While the port number is predetermined on one side of the connection (the listener side), the port number on the caller side, though, is random most of the time.

If the Ubuntu VM was set up on another machine, then in your case you have to set the remote port to 22, and keep the local port empty.

But if the Ubuntu VM is running on the same machine and you still can't connect to it, then there's a big chance that Norton is blocking the Virtual Switch created by the Windows hypervisor, and that's a completely different beast.
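
The port behaviour described in the reply above, as an added example that is not part of the original thread: a small Python model of a port rule checked against the ports a client socket really gets. `PortRule` is a hypothetical simplification (not Norton's rule engine), and the loopback listener on an OS-chosen port is an assumed stand-in for sshd on port 22.

```python
import socket
from dataclasses import dataclass
from typing import Optional

SSH_PORT = 22

@dataclass(frozen=True)
class PortRule:
    """Hypothetical model of a traffic rule's port fields.
    None means the field was left empty (any port)."""
    local_port: Optional[int]
    remote_port: Optional[int]

    def matches(self, local_port: int, remote_port: int) -> bool:
        # Both port conditions must hold for the rule to apply.
        return (self.local_port in (None, local_port)
                and self.remote_port in (None, remote_port))

BOTH_22 = PortRule(local_port=SSH_PORT, remote_port=SSH_PORT)  # rule from the question
REMOTE_22 = PortRule(local_port=None, remote_port=SSH_PORT)    # rule from the reply

def evaluate(local_port: int, remote_port: int) -> dict:
    """Report which of the two rules applies to one connection."""
    return {"both_22": BOTH_22.matches(local_port, remote_port),
            "remote_22": REMOTE_22.matches(local_port, remote_port)}

def client_side_ports() -> tuple:
    """Connect to a loopback listener and return
    (client local port, client remote port, listener port)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))   # port 0: OS picks a free port (stand-in for 22)
        srv.listen(1)
        listen_port = srv.getsockname()[1]
        with socket.create_connection(("127.0.0.1", listen_port), timeout=5) as cli:
            # The client's local port is assigned by the OS at connect time.
            return cli.getsockname()[1], cli.getpeername()[1], listen_port

if __name__ == "__main__":
    # Constructed sample: an outbound SSH session as the client sees it.
    print("local 51514 -> remote 22:", evaluate(51514, SSH_PORT))
    local, remote, listen = client_side_ports()
    print(f"listener on {listen}; client local={local}, remote={remote}")
    print("rule pinning both ports matches:",
          PortRule(listen, listen).matches(local, remote))
    print("rule pinning remote port only matches:",
          PortRule(None, listen).matches(local, remote))
```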