Hi,
I successfully deployed a SAS Viya (October version: Version: Stable 2024.09 Release: 20241004.1728056818357) with authorized IP ranges, including my own IPv4.
I can log into the SAS Viya as the administrator to add new users and make them available. However, I am unable to connect to the Jumpbox of the SAS Viya via PuTTY using the matched private RSA key. I am not even able to enter “jumpuser” before receiving a “Connection timed out” error. The same error was also encountered with the September version when a SAS Viya with IP ranges was deployed.
(I am familiar with this process, having deployed SAS Viya without authorized IP ranges several times and successfully connected to the Jumpbox via PuTTY to create home directories for new users)
In addition, I tested my connection to the Jumpbox directly in Azure via port 22, and it showed as accessible.
Please advise on how to resolve this issue.
Thank you.
Accepted Solutions
Hi,
I have identified and resolved the connection issue. The root cause was the presence of multiple IPv4 addresses: one IP from my VPN and another as my original source IP.
To gain access to the Jumpbox, I needed to add my source IPv4 address to the authorized IP range. (In contrast, I access the the deployed SAS Viya via the IPv4 from my VPN)
I discovered my source IPv4 address while connecting to another Jumpbox without authorized IP ranges. The connection log displayed my IPv4 address when accessing the Jumpbox.
Additionally, the source IPv4 address can be found on ifconfig.me. The first IPv4 address listed in the “X-Forwarded-For” row (highlighted in red) is the one recognized by the Jumpbox/Azure VM.
Sorry to hear that you are having this problem.
I'd like to check that our default SSH rules have been created as we'd expect. If you are looking at the jump box in the Azure portal, select "Network settings" from the menu on the left-hand side. You should see something like this:
You should find your IP or your IP range listed in the "source" column on the same row as a rule ending with "-ssh". Can you confirm that you see this?
If your IP is not listed, you can use the AddIPs runbook to add your IP address to the deployment.
Hi @cj_blake
Thank you for helping me with trouble-shooting this connection issue.
I have reviewed my network settings for this Jumpbox, and they match yours. The "Source" for Inbound port rules "1001" displays my current IPv4. (I am able to log into the associated SAS Viya as an admin using this IPv4 address)
Hi,
I have identified and resolved the connection issue. The root cause was the presence of multiple IPv4 addresses: one IP from my VPN and another as my original source IP.
To gain access to the Jumpbox, I needed to add my source IPv4 address to the authorized IP range. (In contrast, I access the the deployed SAS Viya via the IPv4 from my VPN)
I discovered my source IPv4 address while connecting to another Jumpbox without authorized IP ranges. The connection log displayed my IPv4 address when accessing the Jumpbox.
Additionally, the source IPv4 address can be found on ifconfig.me. The first IPv4 address listed in the “X-Forwarded-For” row (highlighted in red) is the one recognized by the Jumpbox/Azure VM.
- Ask the Expert: How Do I Perform Customer Segmentation With SAS Intelligent Decisioning? | 12-Nov-2024
- Ask the Expert: How Do I Perform Customer Segmentation With SAS Intelligent Decisioning? | 12-Nov-2024
- Club SAS de Quebec | 13-Nov-2024
- Hands-on Workshop: SAS® Viya® Workbench (at SAS Headquarters) | 13-Nov-2024
- SAS Bowl XLV, SAS Visual Analytics | 13-Nov-2024
- Ask the Expert: Leveraging R for Statistical Analysis in LSAF | 19-Nov-2024
- Fall OASUS Meeting | 21-Nov-2024
-
593 views
-
0 likes
-
-
