Unable to login to management UI - MFA failed

Description

This KB explains how to disable the Multi-Factor Authorization (MFA) for admin (superuser). The situation is presented when for some reason the MFA is not received or scratch code was not saved, and the admin is not able to log in anymore. The MFA or One-time password (OTP) can be disabled over CLI access, using either PuTTY or console connection

Resolution

This article assumes:

  1. You have admin access to SonicWall, in other words, you have the login credentials to the SonicWall firewall
  2. SSH access using any Terminal application like puTTY. If SSH is not enabled on any interface, you can use the Console port to connect and then use puTTY. How can I login to the appliance using the Command Line Interface (CLI)? KB will be useful.

One of the popular programs to use to access the SonicWall SSH shell is PuTTY. It is either SSH over a terminal application or Console port connection with the following properties and then use a terminal application.

  • Bits per second: 11520
  • Data bits: 8
  • Parity: None
  • Stop bits: 1
  • Flow control: None

 NOTE: On Factory default settings, the default username is admin and the password is password 

The commands are the same for Gen7 and Gen6 SonicWall firewalls.

Login using admin credentials to CLI.

Using username 'admin'.
Password:
 
admin@C0EAE45BFEA6> configure
config(C0EAE45BFEA6)# administration
(config-administration)# no admin one-time-password
(config-administration)# commit
% Applying changes...
% Status returned processing command:
    commit
% Changes made.

Image


With the above commands, one-time password is disabled and GUI login will not ask for OTP or MFA anymore.

Related Articles

  • How to block ICMP (Ping ) using Application control
    Read More
  • SonicWall GEN8 TZ and NSa Firewalls FAQ
    Read More
  • How to configure Link Aggregation
    Read More

Categories

Firewalls
NSa Series
Firewalls
NSv Series
Firewalls
TZ Series
not finding your answers?
Ask the Community