Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 590 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

If no user on a firewall for an API call, the WebAdmin breaks down

Ben@Network

Hello Community,

for info: if there is no user on a firewall for an API call, the WebAdmin breaks down and is unreachable for about 10 minutes. The API responds with this message:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1900.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Failure</status>
</Login>
</Response>

This is reproducible on Sophos firewalls running SFOS 19.0.1-MR1-Build-365.

Ben



This thread was automatically locked due to age.
  • 0

    Is it possible your IP is blocked after too many authentication failures?
    Do you tried another IP at the PC?
    .. or stops the XG packet forwarding at all?


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Hi Dirk,

    no, everything works well if I create my apiuser on firewall. I use the same script from the same PC to make my API calls. 

    The firewall itself will also working if the WebAdmin access is blocked.

    Ben

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Ben@Network

    Hello Ben,

    Thank you for contacting the Sophos Community.

    Can you provide the exact steps to reproduce this issue, so I can bring it to the attention of DEV team to confirm if this is expected or might be an issue?

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to Ben@Network

    Actually, Dirk was talking about a different scenario: So if you send a XML Request to the firewall without a user, it will generate a faulty login. This means, if you have multiple XML Files (in a script) you can generate enough Requests to get blocked by the Password guessing protection. 

    __________________________________________________________________________________________________________________

Unfiltered HTML