Too many failed logins 45.140.17.26 How possible

I am using UTM 9.720.5, which is the newest firmware.
I know, it is a Russian IP and I am not the only one which tried to be hacked!

Under WebAdmin I have only allowed access from the internal network!

So my question is, why it is possible, that somebody from external can try to login?
Or is the message misleading, so that if somebody is trying to log in from external, that it is already a failed login?

Do you think, that additional actions are necessay, like blocking russian IPs?
Or is my configuration safe?

Thanks for your support,
HGA