4 Replies Latest reply on Aug 27, 2013 8:12 PM by ian.nakamoto

    Admin Console Authentication Issue

    ian.nakamoto

      McAfee Firewall Model: S4016

      SecureOS: 8.2.1P05-b_0

      McAfee Firewall Enterprise Admin Console v5.06_b0d, running on a W2K3 server.

       

      The issue we are having is that when we try logging into our McAfee Firewall using the Admin Console, we receive a 'Login Incorrect' message. The current authentication method we use to access the firewall using the Admin Console is 'Password'. However, with that being said, when we log in to the local console or through SSH using the same username and password, we are able to log in without any issues.

      I've tried modifying passwords, creating new admin accounts, and also used the 'cf policy restore_console_access' command, and nothing seems to correct this issue. Is there something I'm missing? Any help would be greatly appreciated.

        • 1. Re: Admin Console Authentication Issue
          sliedl

          I believe restore_console_access is only for the local console. Use 'cf policy q | less', hit / to search, then type Admin Console and hit Enter. Find the Admin Console rule and make sure the parameters are all correct, that is, the source and dest zones are the same, and look at the authenticator too.

          Also try 'cf auth h' and find the lockout command to see if the user is locked out. It will reset the lockout for a user if you log in on the CONSOLE with that user, but not for SSH (that is, if you're locked out you should not be able to log in via SSH either).

          Make sure you are NOT typing the password into the Password drop-down field and that you are hitting Enter at the username prompt and typing the pw into the correct field.

          • 2. Re: Admin Console Authentication Issue
            ian.nakamoto

            Thank you for the assistance; the issue was resolved. I used the 'cf auth list user=username' command and saw that the lockout value did not reset automatically as it should when you log in to the CONSOLE. So I had to use the 'cf auth flush user=username' command to clear the lockout value manually. Once that was done, I was able to log in to the Admin Console.

            • 3. Re: Admin Console Authentication Issue
              sliedl

              I believe there's a reset_lockout value there also. Is that set to no? That would explain it.

              • 4. Re: Admin Console Authentication Issue
                ian.nakamoto

                There is no reset_lockout value when utilizing the 'Password' authenticator option. For one reason or another, the lockout attempt value just did not clear when logging into the firewall through the local console.