Lost SSH Connection after Changing the Default Zone (Firewalld) in OL7 — Cloud Customer Connect

Applies to:
Linux OS - Version Oracle Linux 7.0 and later

Symptoms:
Unable to connect to the instance via SSH.

Changes:
The issue started after creating a new zone in firewalld and setting it as the default zone:

[root@localhost ~]# firewall-cmd --get-default-zone
public
[root@localhost ~]# firewall-cmd --new-zone=newzone --permanent
success
[root@localhost ~]# firewall-cmd --set-default-zone=newzone
success
[root@localhost ~]# firewall-cmd --reload
success

Cause:
A newly created zone has no services configured to be allowed. Once it is set as the default zone, the interface is governed by that empty zone, so the ssh service is no longer permitted:

[root@localhost ~]# firewall-cmd --get-default-zone
newzone
[root@localhost ~]# firewall-cmd --zone=newzone --list-all
newzone (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens3
  sources:
  services:     <------  No ssh service included
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
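
The condition described under Cause can be detected before the default zone is changed. The following is an added example, not part of the original article or Oracle's own fix: a pre-flight check that parses firewall-cmd --list-all output and refuses to switch the default zone unless the target zone allows ssh. The function names, the sample outputs and the port 22 default are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. Assumes sshd listens on 22/tcp
# unless another port is passed in; function names are hypothetical.

# zone_allows_ssh [PORT]: reads "firewall-cmd --zone=ZONE --list-all" output on
# stdin; succeeds if "services:" lists ssh or "ports:" lists PORT/tcp.
# Port ranges and rich rules are not evaluated, so the check errs on refusing.
zone_allows_ssh() {
    awk -v port="${1:-22}/tcp" '
        $1 == "services:" { for (i = 2; i <= NF; i++) if ($i == "ssh") ok = 1 }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) if ($i == port)  ok = 1 }
        END { exit ok ? 0 : 1 }
    '
}

# safe_set_default_zone ZONE [PORT]: switch only if ZONE would still admit SSH.
safe_set_default_zone() {
    zone=$1
    if firewall-cmd --zone="$zone" --list-all | zone_allows_ssh "${2:-22}"; then
        firewall-cmd --set-default-zone="$zone"
    else
        echo "refusing: zone '$zone' does not allow ssh. Fix it first with:" >&2
        echo "  firewall-cmd --permanent --zone=$zone --add-service=ssh" >&2
        echo "  firewall-cmd --reload" >&2
        return 1
    fi
}

# Constructed sample: --list-all output for an empty zone like the one above.
EMPTY_ZONE='newzone (active)
  target: default
  interfaces: ens3
  services:
  ports:
  source-ports:'

# Constructed sample: the same zone once the ssh service has been added.
SSH_ZONE='newzone (active)
  target: default
  interfaces: ens3
  services: dhcpv6-client ssh
  ports:
  source-ports:'
```

Run safe_set_default_zone newzone from a console or an existing session in place of calling --set-default-zone directly.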
