Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Login with Captcha

I have just connected to an XG Firewall and as well as the user name and password and underneath is a captcha image with a box to type in response.

Haven't seen anything about that?



This thread was automatically locked due to age.
Parents Reply Children
  • Received an answer from support this morning.

    The Captcha added are for the security purpose. You would not be able to remove them as of now. They will be visible if the firewall or user portal is access from WAN.

    Well.  Clearly, the tech there haven't read this post.  None of our Firewall behaves the same, and none is accessed from WAN or User Portal.  And yet, one consistently shows Captcha.  The screen shot aint lying.

    Paul Jr

  • FormerMember
    +1 FormerMember in reply to Big_Buck

    Hi  

    When the firewall is accessed using its public IP(in your case Port2) address the Captcha will appear and there is no option to disable it as of now on the WAN zone. 

    Captcha authentication serves as an extra security defense against scripted automated login attempts Captcha has been added to the XG Firewall admin and user portals on the WAN and VPN zones.

    Thanks,

  • H_Patel said:

     

    Captcha authentication serves as an extra security defense against scripted automated login attempts Captcha has been added to the XG Firewall admin and user portals on the WAN and VPN zones.

     

    Ban IP after x unsuccessful attempts, allow admin access only from specified ACL (perhaps with the ability to use name and not only IP), adding two factor auth (OTP, FIDO, DUO, ecc.. ). These are the extra security defense against scripted automated login.

    The only achievement for capcha is annoy the hell out of me every time I try to connect. And beeing an MSP this happens a lot of times in a single day.