Hello Team,
This is the scenario:
FGT firewall offering SSL VPN service
Is there any way to do these things?
1. Autoban IP same user wrong password 5 attempts over 10 minutes
2. Autoban IP different user wrong password 10 attempt over 30 minutes
Thanks for the support
BR
Hello @luca1994 ,
Actually Fortigate does this automatically. But it just looks IP address of who tried. If a person has tried to login with the same IP address after 2 tries FortiGate will ban the IP address of the client for 60 seconds.
If you want, you can change this setting with these cli commands.
config vpn ssl settings
set login-attempt-limit 2
set login-block-time 60
end
If you want to take more specific action for a ban, you can use automation for that. It can follow the logs with automation and it can take action for you.
Hi, you can configure the automation stitch and do the same. as mentioned in the article below
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-SSL-VPN-failed-logins-with-an-automa...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.