Fibre Channel (SAN)

Reply
New Contributor
Posts: 2
Registered: ‎01-29-2016

failed to login to web management. Event:Security Violation

[ Edited ]

Always failed to login to web management to the brocade san switch.

 

what it shows in the error log :

"[SEC-3039], 1113, FID 128, INFO, FC_SW, EventSmiley Frustratedecurity Violation , Status: failed, Info: Unauthorized host with IP address tries to establish connection using TCP violation-port 80"

 

The ip address showed in the error log is my ip address.

 

I'm using firefox 45 and java 1.7.0_76

 

any clue what should I do?

New Contributor
Posts: 4
Registered: ‎07-27-2017

Re: failed to login to web management. Event:Security Violation

HI there.

 

i have the same erro on two brand new SAN24b-4!

did you find a solution?

 

thank you in advance!

YM

Brocade Moderator
Posts: 284
Registered: ‎08-31-2009

Re: failed to login to web management. Event:Security Violation

Hello,

 

Can you provide the output of command: ipfilter --show ?

 

 

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
New Contributor
Posts: 4
Registered: ‎07-27-2017

Re: failed to login to web management. Event:Security Violation

Hi Thierry

 

here is the output:

 

Name: default_ipv4, Type: ipv4, State: defined
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 permit
3 any tcp 80 permit
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Name: default_ipv6, Type: ipv6, State: defined
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 permit
3 any tcp 80 permit
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Name: factory_default_ipv4, Type: ipv4, State: active
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 deny
3 any tcp 80 deny
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Name: factory_default_ipv6, Type: ipv6, State: active
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 deny
3 any tcp 80 deny
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Brocade Moderator
Posts: 284
Registered: ‎08-31-2009

Re: failed to login to web management. Event:Security Violation

So there are deny on tcp 23 and 80 that you need to allow.

 

 

Name: factory_default_ipv4, Type: ipv4, State: active
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 deny
3 any tcp 80 deny
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Name: factory_default_ipv6, Type: ipv6, State: active
Rule Source IP Protocol Dest Port Action
1 any tcp 22 permit
2 any tcp 23 deny
3 any tcp 80 deny
4 any tcp 443 permit
5 any udp 161 permit
6 any udp 123 permit
7 any tcp 600 - 1023 permit
8 any udp 600 - 1023 permit

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
New Contributor
Posts: 4
Registered: ‎07-27-2017

Re: failed to login to web management. Event:Security Violation

thank you Thierry

can you help by providing the correct commands for this?

thanks
YM
Brocade Moderator
Posts: 284
Registered: ‎08-31-2009

Re: failed to login to web management. Event:Security Violation

[ Edited ]

Attached is the FOS command reference that will provide you the guidance for modification starting on page 504.

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
New Contributor
Posts: 4
Registered: ‎07-27-2017

Re: failed to login to web management. Event:Security Violation

thank you Thierry

i try to change default policy_ipv4 but i get an error that i cannot change default policies

is this correct ?
Highlighted
Brocade Moderator
Posts: 284
Registered: ‎08-31-2009

Re: failed to login to web management. Event:Security Violation

From your logs, there are 2 policies for ipv4:

default_ipv4 (defined)
factory_default_ipv4 (active)

 

The default_ipv4 permit the port that you are looking for to be permit.

Try to active default_ipv4

 

Command is: ipfilter --activate default_ipv4

 

 

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.