Got it

terminal user authentication times

Created: Sep 12, 2021 15:50:19Latest reply: Sep 12, 2021 16:34:14 253 1 0 0 0
  Rewarded HiCoins: 0 (problem resolved)

On USG, How to modify terminal user authentication times and the join blacklist time when authentication failed?


Featured Answers

Best answer

Recommended answer

Unicef
MVE Created Sep 12, 2021 16:34:14

Dear Friend!
Handling Process:
A: for Telnet users, in the “user-interface” view, use “lock authentication-count” command modify the authentication frequency (the default value is 3 times, range 1-12), use “lock lock-timeout” command modify the join blacklist timeout time when authentication failed (the default value is 10 minutes, range 1-1500).

For SSH users, in system view, using “SSH server authentication-retries” command modify the authentication number (the default value is 3 times, range 1-5), the jion blacklist time cannot be modified, it is 10 minutes. Specific as follows:
[USG2100]user-interface vty 0 4
[USG2100-ui-vty0-4]lock authentication-count ?
INTEGER<1-12> Authentication Count , default is 3

[USG2100-ui-vty0-4]lock lock-timeout ?
INTEGER<1-1500> Value of time (in minutes) , default is 10

[USG2100-ui-vty0-4]q
[USG2100]ssh server authentication-retries ?
INTEGER<1-5> Set the authentication times, the default value is 3 times

Add blacklist authentication frequency configuration command in system view (default values is 3 times, range 1-5), specific as follows:
[USG2100]firewall blacklist authentication-count login-failed ?
INTEGER<1-5> authenticaton times,default value is 3

Suggestions:
When configured the blacklist’s authentication failure frequency both in the user-interface view and the system view at the same time, the priority of configuration in user interface view (user-interface) is higher than in system view.

Thanks!
View more
  • x
  • convention:

All Answers
Dear Friend!
Handling Process:
A: for Telnet users, in the “user-interface” view, use “lock authentication-count” command modify the authentication frequency (the default value is 3 times, range 1-12), use “lock lock-timeout” command modify the join blacklist timeout time when authentication failed (the default value is 10 minutes, range 1-1500).

For SSH users, in system view, using “SSH server authentication-retries” command modify the authentication number (the default value is 3 times, range 1-5), the jion blacklist time cannot be modified, it is 10 minutes. Specific as follows:
[USG2100]user-interface vty 0 4
[USG2100-ui-vty0-4]lock authentication-count ?
INTEGER<1-12> Authentication Count , default is 3

[USG2100-ui-vty0-4]lock lock-timeout ?
INTEGER<1-1500> Value of time (in minutes) , default is 10

[USG2100-ui-vty0-4]q
[USG2100]ssh server authentication-retries ?
INTEGER<1-5> Set the authentication times, the default value is 3 times

Add blacklist authentication frequency configuration command in system view (default values is 3 times, range 1-5), specific as follows:
[USG2100]firewall blacklist authentication-count login-failed ?
INTEGER<1-5> authenticaton times,default value is 3

Suggestions:
When configured the blacklist’s authentication failure frequency both in the user-interface view and the system view at the same time, the priority of configuration in user interface view (user-interface) is higher than in system view.

Thanks!
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.