After upgrading SEP 14.x to 14.2 or later ,the ssh sessions can't connect using default firewall policy.
While this was working for with 14.0.3929.1000(14 RU1 MP2) or earlier
2019-05-28 14:22:05.256 KST DEBUG util.scheduler [2019-May-28 14:22:05.256466] [DEBUG] Scheduler sleeping for 00:00:59.999998 seconds
2019-05-28 14:22:06.525 KST DEBUG smc.SEPFWEventHandler [2019-May-28 14:22:06.525848] [DEBUG]SEPFirewallEventHandler::handlePacketFirewallEvent sending traffic log ( Rule Name: 다른 모든 IP 트래픽 차단, 기록, Protocol: TCP, Direction: Outgoing, LocalIPFamily: AF_INET, LoacalIP: xxx.xxx.xxx.xxx, LocalIPv6: xxx.xxx.xxx.xxx, LocalPort: 49279, RemoteIPFamily: AF_INET, RemoteIP: xxx.xxx.xxx.xxx, RemoteIPv6: xxx.xxx.xxx.xxx, RemotePort: 10443, Action: Block, EmailAlert: 0, Severity: 15, CurrLocation: 기본값, UserName: xxxx ,Domain:local).
2019-05-28 14:22:07.556 KST DEBUG smc.SEPFWEventHandler [2019-May-28 14:22:07.556152] [DEBUG]SEPFirewallEventHandler::handlePacketFirewallEvent sending traffic log ( Rule Name: 다른 모든 IP 트래픽 차단, 기록, Protocol: TCP, Direction: Outgoing, LocalIPFamily: AF_INET, LoacalIP: xxx.xxx.xxx.xxx, LocalIPv6: xxx.xxx.xxx.xxx, LocalPort: 49279, RemoteIPFamily: AF_INET, RemoteIP: xxx.xxx.xxx.xxx, RemoteIPv6: xxx.xxx.xxx.xxx, RemotePort: 10443, Action: Block, EmailAlert: 0, Severity: 15, CurrLocation: 기본값, UserName: xxxx ,Domain:local).
2019-05-28 14:22:08.556 KST DEBUG smc.SEPFWEventHandler [2019-May-28 14:22:08.556340] [DEBUG]SEPFirewallEventHandler::handlePacketFirewallEvent sending traffic log ( Rule Name: 다른 모든 IP 트래픽 차단, 기록, Protocol: TCP, Direction: Outgoing, LocalIPFamily: AF_INET, LoacalIP: xxx.xxx.xxx.xxx,, LocalIPv6: xxx.xxx.xxx.xxx,, LocalPort: 49279, RemoteIPFamily: AF_INET, RemoteIP: xxx.xxx.xxx.xxx,, RemoteIPv6: xxx.xxx.xxx.xxx, RemotePort: 10443, Action: Block, EmailAlert: 0, Severity: 15, CurrLocation: 기본값, UserName: xxxx,Domain:local).
SEP Version : 14.2 and later
SEPM Version : 14.2 and later
By default, ssh is blocked by default Firewall rules. Firewall feature was first introduced in 14.2 for Mac clients. 14.0 client had no Firewall support
Create new allow rule to allow remote port 22 (attached screenshot).