Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

NSA 3650 LDAP login attempts

Hello - We have an NSA 3650 which is tied to LDAP for VPN authentication. I have been monitoring the Security logs at the service and I am seeing hundreds of failed login attempts coming from the firewall (internal) IP. I also have internal users say that they get locked out from AD for no reason. At first, I didn't think anything of it until I started monitoring the Security logs. I am having a hard time finding the information I need in the SonicWALL; I would like to see the login attempts at the firewall or any other information that would help me block the source IP. The Monitor / Active Users just shows legit logins. I am also seeing a lot of the following errors at the firewall under manage / Auditing Records: Audit ID 710, 715, 712, 713: Description: Download file, /cgi-bin/wa.exe. I need a little help trouble shooting this one.

Category: Mid Range Firewalls
Reply

Best Answer

Answers

Sign In or Register to comment.