Clear Blocked IP’s from NSM

Problem or Goal:

Need to clear a blocked IP address


If any particular users tries to login to the NSM GUI with invalid credentials for more than 3 times, NSM will block that particular source IP address for another 1 hour for new login attempts. In order to clear the blocked IP address/list of addresses from the NSM backend, follow the below procedure.

Procedure detailed below is only applicable to versions 2007.1 onwards.

  1. Login to NSM server as user root
  2. Stop the NSM server processes using below command.

    /etc/init.d/haSvr stop
    /etc/init.d/guiSvr stop
    /etc/init.d/devSvr stop

    In case of HA (High Availability) setup , stop the processes on the standby server first and then stop processes on active server.

  3. Change to location /usr/netscreen/GuiSvr/utils to launch the DB editor as below

    cd /usr/netscreen/GuiSvr/utils

  4. Choose “n” to launch the DB editor in read/write mode.
    image 1
  5. Choose option 4 in the menu  and enter the category name as “0.blockedIPList” to list the blocked IPs. This will list all the IP addresses that are blocked by NSM server.
  6. From the output of the above list note down the “object-id” for each IP address that needs to be cleared form the DB.
  7. Once back on the main menu choose option 11 and then provide the object id as 0.blockedIPList.<object-id> to delete the blocked IP from the backend. Repeat this process for each IP that needs to be cleared from the backend.
    image 3
  8. Once all the IP addresses are cleared from the backend choose option 12 to quit from the menu. Start the NSM processes using below commands.

    /etc/init.d/haSvr start
    /etc/init.d/guiSvr start
    /etc/init.d/devSvr start

Was this article helpful?

Related Articles

Leave A Comment?

You must be logged in to post a comment.