PAM has known issue with port 8550 is always queried when it make connection to target device with ssh/rdp.
There is KB describe this issue. And enhancement request is also raised for disable/enable query on SFA port(8550)
I am wondering if this behavior changed in latest PAM or lastest PAM still query port 8550 when make connection.
Also is there any other way to mitigate this problem other than reject package in firewall setting?
Hi Jerry, No, this has not changed so far. The documents you found are still accurate.
Is there any way to make this problem less severe other than rejecting query packet on target firewall?
Hi Jerry, If you open the firewall between PAM and the target devices for 8550, then the connection attempt should run into a "Connection refused” error and fail without delay. That's the one alternative that should work for SSH connections to UNIX/Linux targets, but it will not work with Windows devices that have a local firewall running, unless you change the default behavior of the firewall, see https://support.ca.com/us/knowledge-base-articles.tec1215493.html.