Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 4 subscribers
  • Views 5111 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block SSH and WebAdmin facilities from a single IP address

BenoitLambert

I'm getting a bunch of failed login attempts across multiple devices from a single IP address.

I know there is way to limit the SSH and WebAdmin access to certain networks.

 

I have added a firewall rule that drops packets from that IP but I'm still getting those notifications via email.

Whats the easiest way to allow access to both those facilities from everywhere except a few IPs that are causing grief?

 

This is happening on UTM 9's with version of 9.408 and above.

Thanks in advanced for any help.



This thread was automatically locked due to age.
Parents
  • +1

    Hey Benoit.

    I don't think you can do that. You see, best practice is: allow only what you need, block everything else. When you allow "Any" for WebAdmin and SSH, that overrides any firewall rule you create.

    It's your life, but I strongly suggest that you allow access to WebAdmin and SSH only from know IP addresses. You could set a SSL VPN if you need to manage your UTM from the road and allow access to those facilities only to your username or for the SSL VPN Pool. That's what I do.

    Regards,

    Giovani

Reply
  • +1

    Hey Benoit.

    I don't think you can do that. You see, best practice is: allow only what you need, block everything else. When you allow "Any" for WebAdmin and SSH, that overrides any firewall rule you create.

    It's your life, but I strongly suggest that you allow access to WebAdmin and SSH only from know IP addresses. You could set a SSL VPN if you need to manage your UTM from the road and allow access to those facilities only to your username or for the SSL VPN Pool. That's what I do.

    Regards,

    Giovani

Children
Unfiltered HTML