Intermittent 'Login Full' error when trying to manage the firewall

Description

Firewall UI gives 'Login Full' error when trying to login to the firewall management page. This affects management locally as well as externally. 

NOTE: SSH management is not affected

 

Cause

One of the possible reasons for this behavior is that the firewall is flooded with multiple login attempts to the SSLVPN services/Virtual Office portal which is open on the WAN side of the firewall.

In the example below, the image references IP address from the network 80.94.95.0/24 with the Geo-IP origin of Romania.


Image


Resolution

If the firewall is already exhibiting the symptoms, please power cycle the Firewall to restore UI access and make the following configuration changes to prevent this issue from re-occurring.

  1. Upgrade firmware to the most recent version available on mysonicwall.com.  KB article: How can I upgrade SonicOS Firmware?    
    NOTE:   If the firewall is operating on a Hotfix Firmware provided by Sonicwall Support, Please refer to the release notes available on mysonicwall.com prior to upgrading the firmware. Please contact Sonicwall Support for any questions.
  2. Log in to the SonicWall Appliance, Click Manage |SSL VPN |Portal Settings. Enable the option "Disable Virtual Office on Non-LAN Interfaces" and click accept Image  
  3. Create an address object for the network:  80.94.95.0 netmask 255.255.255.0 and then create an access rule to block traffic from that network. Navigate to MANAGE |Objects| Address objects    Create address object with zone assignment: WAN, Type: Network,  Network: 80.94.95.0 netmask 255.255.255.0 Image
    Navigate to MANAGE |Rules | Access Rules    Create an access rule from zone WAN to All/Any zone with Action: Deny, Source: 80.94.95.0 netmask 255.255.255.0,  Destination: Any.    This access rule will  block inbound traffic from the network: 80.94.95.0 netmask 255.255.255.0
        Image
  4. Enable Botnet filter   To configure Botnet filter, Navigate to Manage |Security services | Botnet Filter Image  
  5. Use Geo-IP filter to block traffic originating from Romania.KB article: Using Geo-IP filtering to block connections coming to or from a geographic location.
    To configure Geo-IP filter, navigate to Manage |Security services |Geo-IP Filter
    Image

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
NSa Series
SSLVPN
Firewalls
NSa Series
User Login
Firewalls
TZ Series
SSLVPN
Firewalls
TZ Series
User Login
not finding your answers?
Ask the Community