2 Replies Latest reply on Jul 1, 2011 6:00 AM by blatt

    Sidewinder Not-passing traffic, not accepting passwords.

      Hi,

      Please can someone point mw in the right direction, new to this equipment.

       

      This unit is not passing traffic and not accepting previously known good passwords. 

      It responds to pings so I am assuming that the config is still good.

       

      A reboot does not show any signs of sbvious error message.

       

      Thanks in advance,

      M.

        • 1. Re: Sidewinder Not-passing traffic, not accepting passwords.
          PhilM

          Do you have a screen & keyboard connected to the appliance?

           

          Are there any messages on the screen which could indicate if it is unwell?

           

          Can you log into the console CLI?

           

          If you've not been connected directly to the appliance, what method are you using when trying to log in?

           

          Certainly when using SSH, when an administrator's password has expired (default being 90 days), you will simply not be able to log in. However, when using the Administration GUI, you should then be informed that the password (if entered correctly) has expired and you will then be asked to supply a new password.

           

          However, if the password has been changed and a mistake has been made - making you think that it is known, but not realising that this is not the case then you may have some extra work on your hands.

           

          You could try re-booting the appliance into the Emergency Maintenance Mode kernel (formerly called the Admin Kernel) which will take you straight into the box without requiring authentication (but does not enable the network interfaces) and create a new administration account from the command line using the following command:-

           

          cf adminuser add username=TempAdmin directory=/home/TempAdmin password=password-to-be-used role=admin

           

          Reboot the appliance and then try to authenticate using these credentials.

           

          Another reason for not being able to log into the appliance at all is if the "Login Console" rule has been mistakenly moved below "Deny All".

           

          Using the same Emergency Maintenance Mode CLI, run the following command:-

           

          cf policy restore_console_access

           

          This re-creates the original "Login Console" and "Admin Console" rules, placing them above the "Deny All" rule so that you can back in.

           

          If none of these suggestions work, then I'd have to conclude that there's something a bit more serious going on and you'd be better of raising the matter with McAfee Technical Support.

           

          - Phil.

          • 2. Re: Sidewinder Not-passing traffic, not accepting passwords.

            Phil,

            Sorry, should have said that I could not log on either via the gui or the console.

             

            I booted into Emergency Maintenance Mode kernel mode and applied your command to add a temp admin.

            This allowed me to reboot and login first time.  it strangly also started passing traffic immediatly, solving both problems.

             

            I have checked the logs, rulebase etc and can not see any evidence of fowl play.  I have reset all the passwords as a precautionary measure but all seems fine now.  I can not tell, maybe this was a service starting problem maybe?

             

            Owe you one,

            Many Thanks,

            M.