Can i Trust a IP for SSL VPN ( we keep haing to unlock user)
Freshman Member
Afternoon
We have 30 users in 1 x office all SSL VPN into a USG 310.
We have to regularly keep connecting to the router and perform "unlock lockout-users x.x.x.x"
The WAN IP of this office is static and never changes
Can we do something so this IP address is never locked out on a bad password?
Or maybe can we extent the lockout attenpts to a higher value?
0
All Replies
-
There is no IP white list for this.
But you can change lockout maximum retry by CLI Router(config)# users retry-count xx
BTW, assume branch office most users need to access HQ site resource, I strongly recommend install firewall on 2nd office to establish site to site VPN. With site to site VPN, users in branch no need to connect to HQ site individually.
0
Ally Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 152 Nebula Ideas
- 100 Nebula Status and Incidents
- 5.8K Security
- 286 USG FLEX H Series
- 278 Security Ideas
- 1.5K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 251 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 86 About Community
- 75 Security Highlight
