2 Replies Latest reply: Jan 24, 2013 3:33 PM by nix

    Lost Administration.

    nix

      While testing, I set just one all-to-all policy between two areas that allows any port, just to test. I got a message that other policies would be deactivated, which I thought meant only those two areas. But now I cannot access through SSH or console at all. BUT I was wrong..... But if you have an ALL TO ALL, you must have access for any port.

       

      I connected a computer directly to the server (firewall S2008), but it does not recognize the administrative user.

       

      Any ideas?

       

      How do I reset the user?

      How do I roll back by command line using "root" ....

        • 1. Re: Lost Administration.
          mtuma

          Hello,

           

          Unfortunately, if your all-to-all rule grabs the SSH and Admin Console traffic, it will not be sent to the appropriate service, and therefore you can no longer connect.

           

          I do not understand why you cannot log in, though. Your rule should not have affected that. Unfortunately, if you cannot get in there, you will have to reboot the firewall and go into Maintenance mode. This does require that you are directly at the console. Once you are there, you can disable the rule:

           

          cf policy modify name="XXXX" disable=yes

           

          After that, try rebooting back into the Operational Kernel.

           

          shutdown -r now

           

          Hope this helps.

           

          -Matt

          • 2. Re: Lost Administration.
            nix

            Matt, yupii. I used cf policy showtable to get the name of the last policy, and your instructions.

            I finally got in.