Clear Blocked IPs from NSM

Problem or Goal:

Need to clear a blocked IP address

Solution:

If a user tries to log in to the NSM GUI with invalid credentials more than 3 times, NSM blocks that source IP address from new login attempts for 1 hour. To clear the blocked IP address or list of addresses from the NSM backend, follow the procedure below.

The procedure below applies only to versions 2007.1 onwards.

  1. Log in to the NSM server as user root.
  2. Stop the NSM server processes using the commands below.

    /etc/init.d/haSvr stop
    /etc/init.d/guiSvr stop
    /etc/init.d/devSvr stop

    In case of an HA (High Availability) setup, stop the processes on the standby server first and then stop the processes on the active server.

  3. Change to the directory /usr/netscreen/GuiSvr/utils and launch the DB editor as shown below.

    cd /usr/netscreen/GuiSvr/utils
    ./.xdbViewEdit.sh

  4. Choose “n” to launch the DB editor in read/write mode.
  5. Choose option 4 in the menu and enter the category name “0.blockedIPList”. This lists all the IP addresses that are blocked by the NSM server.
  6. From the output of the above list, note down the “object-id” for each IP address that needs to be cleared from the DB.
  7. Once back on the main menu, choose option 11 and provide the object id as 0.blockedIPList.<object-id> to delete the blocked IP from the backend. Repeat this process for each IP that needs to be cleared from the backend.
  8. Once all the IP addresses are cleared from the backend, choose option 12 to quit the menu. Start the NSM processes using the commands below.

    /etc/init.d/haSvr start
    /etc/init.d/guiSvr start
    /etc/init.d/devSvr start

