Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Understanding webConfigurator lockout rule conditions

    webGUI
    2
    2
    2.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      inetplumber
      last edited by

      Hi,

      First time poster. Feel free to slap me around if I'm violating some forum rules.

      Was having webGUI connection issues. Discovered that the ip was blocked in the webConfigurator lockout table. The source IP in question is not part of the WAN or LAN networks, and their was a rule on the WAN interface to let this source IP access the webGUI.

      "Disable webConfigurator anti-lockout rule rule" was NOT checked.

      block drop in log quick proto tcp from <webconfiguratorlockout:1> to any port = http label "webConfiguratorlockout</webconfiguratorlockout:1>

      Just trying to do a post-mortem and understand what conditions triggered the addition of the IP to the lockout table. It may very well have been in the table prior to the addition of the explicit rule additions to the WAN interface. All connections to the webGUI are over the WAN interface.

      Great product!!!! We love it and our customers love it.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The main way to land in that table is to repeatedly fail authentication in a short span of time. It helps prevent brute-force login attempts.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.