The usage of segregated parameters is particularly useful in scenarios where you are dealing with firewalls, such as Palo Alto, where transfer requirements can vary significantly.
Specific Scenario: Managing File Transfer on Firewalls
-
Disabling File Transfer:
-
In situations where you need to disable file transfer for SSH sessions due to incompatibilities or security requirements, you can create a segregated parameter to disable this functionality.
-
Example: On a Palo Alto firewall, you may find that file transfer interferes with security policies or prevents remote sessions from starting. In this case, you can disable file transfer in a segregated parameter and thus adapt the behavior of the device to your operational needs.
-
Procedure to Disable File Transfer:
-
Configure a segregated parameter on the device or credential as needed.
-
Uncheck or disable the file transfer option.
-
Save the settings and perform tests to ensure that the modification has not affected other essential features.
It is important to understand that when creating a parameter segregated by credential or device, all sessions performed by that device or credential will be affected. Therefore, in a situation where the transfer should not be allowed in SSH sessions, but should be allowed in web sessions (HTTPS), it is necessary to validate the option of having different credentials for each type of access.