Did you try Re-Keying the device?
Did you verify that the Subnet Mask and Default Gateway's are correct on both appliances.
Can you ssh directly to the DSM from your computer?
If you need to wipe out the existing keys:
Re-keying a SIEM Appliance to Factory Default (needed for various reasons)
# cat /etc/NitroGuard/factory-id_rsa.pub > /root/.ssh/authorized_keys2
# cat /root/.ssh/authorized_keys2 (should see “Default shared secret ID” at the end of the key)
Clearing the SSH Key for a SIEM Appliance on the ESM (used in conjunction with copying over factory default on device – or when retiring a device)
# ssh-keygen -R x.x.x.x (clears the SSH key on the ESM for an attached Device)