When you are performing the brute force attack, are you having the HTTP web management turned ON the WAN interface for which this attack is done or is there a port forwarding to allow HTTP to an internal server?
If the HTTP traffic is being forwarded to an internal server, it is expected for that internal machine to protect against such attacks as the there is an access rule and NAT in place to allow all HTTP traffic to that internal machine.
For protecting against brute force attacks, the user lockout should be configured as per the KB below.
Answers
Hello @tin,
Welcome to SonicWall community.
When you are performing the brute force attack, are you having the HTTP web management turned ON the WAN interface for which this attack is done or is there a port forwarding to allow HTTP to an internal server?
If the HTTP traffic is being forwarded to an internal server, it is expected for that internal machine to protect against such attacks as the there is an access rule and NAT in place to allow all HTTP traffic to that internal machine.
For protecting against brute force attacks, the user lockout should be configured as per the KB below.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services