Use an Ziti Router to Reach the Target VM

Imagine you have a target virtual machine (VM) with the IP 52.165.34.120, which hosts an SSH service on port 22. Instead of directly exposing this VM to the public internet, you can use OpenZiti's intermediate router (Ziti Edge Router) to securely relay connections.

I have deployed the controller and router at the openzitivm which has all the setup for openziti, and then I added the vmssh service to be given access to the dev team.

When I tested as a developer using edge client desktop, then i was able to ping the vmssh.ziti end point but the ssh is not working.
So could you please help me setting up this, I dont want anything deployed on target vm. I want to use openzitivm for openziti setup and then the openziti would connect to target vms over its publicip.

Any help or leads are appreciated.

Maybe you forgot to create a service edge router policy (to assign the service to a router).

Or the SSH port is not reachable from outside because of a firewall, be it on the vm or on the network.

No no all this is already done but still unable to get it running

Hi @sanmarg,

Can we stop and clarify if this diagram below is what you're looking to accomplish?

Show are three VMs in a cloud virtual network. (you could do this with one or two vms if you prefer)

So you're looking to ssh to that third VM without exposing the sshd port, right? That is absolutely possible if that's what you're asking?