Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 9033 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.413 - Everyone Locked Out

ITAdmin8

Hi,

I was just wondering if anyone else has experienced any similar issues? We've had a couple of these - about 2 months apart.

We're using UTM 9 as a WAF to publish our Exchange Webmail.

The system stops authenticating webmail logins and also logging in to the Admin web page and SSH login for the admin user too - every login attempt returns a wrong password message. The only fix is to reboot, at which point logins are back to normal.

We're running on 9.413 on VMware ESXi 6. 

many thanks,

Tom



This thread was automatically locked due to age.
  • 0

    Hi Tom,

     

    We've had this a couple of times where the UTM just appears to stop allowing admin users to log into it with messages about incorrect passwords (we can't all be wrong).

    Normally we've found that the UTM will recover on it's own, but this can be one or two hours later.

    Must admit to not having logged a call about it and no services being provided by the UTM appear to be affected, it's just an admin annoyance.

     

    Best regards,

     

    Dan

  • 0

    I admit I'm confused about this, Tom.  Are you using Reverse Authentication in Webserver Protection?  Are you saying that when people cannot login to Outlook Web Access, the admin user also cannot login to WebAdmin?  The admin user isn't defined for command line access via SSH or at the console.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    the first time we noticed this was because our users couldn't login to Outlook Web Access - when I tried to access the WebAdmin and the command line console to diagnose the problem the admin user was also unable to login.

    I'm currently able to login to WebAdmin but am not able to access the command line console as the admin user, and our OWA access is ok - so I'm thoroughly confused at the moment.

    The error when logging on to the command line console is:

    Failed console login attempt at 2017-06-05 10:20:33 with username UNKNOWN

    The local logins logs show:

    2017:06:05-10:20:33 comp-sophosutm001 login[3433]: FAILED LOGIN 1 FROM /dev/tty1 FOR UNKNOWN, User not known to the underlying authentication module

    cheers,

    Tom

     

     

  • 0 in reply to ITAdmin8

    "I'm currently able to login to WebAdmin but am not able to access the command line console as the admin user"

    There are only two users known at the command line, Tom - loginuser and root.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML