Client locked out of WebUI & SSH

Started by grocerylist, September 26, 2025, 06:09:14 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 26, 2025, 06:09:14 PM
Hi,

I'm a recent convert from pfSense to OPNsense and enjoying it so far.

I seem to have somehow caused one of my IP or Mac address clients locked out of the WebUI and SSH.

I was in the process of setting up Crowdsec, specifically trying to enroll my Crowdsec instance as a Security Engine. I was trying to do this from SSH CLI but I had disabled the Root user, using my other Admin account and learned I hadn't granted sudo rights, so I re-enabled Root user. Was having difficulty logging in as Root via SSH a few times, maybe more and now I'm unable to access the WebUI or SSH from that client. I can still ping OPNsense and I can access OPNsense from other permitted clients (from my firewall rules) but I'd like to fix access for this client.

Not sure if Crowdsec or if OPNsense has something like fail2ban that would have blocked that IP or that MAC address but I'm not sure where to look for more info or how to whitelist or delete a blocklist entry.

Any ideas?

Thanks in advance!
September 26, 2025, 06:33:12 PM #1
If it's a "poked at it 'til it got angry"-type situation (it should take some poking), have a look at the "sshlockout" alias under "Firewall: Diagnostics: Aliases". If present, it should time out after... a while. (I forget where to find those settings.)
September 26, 2025, 06:38:45 PM #2
Thanks, I got locked out last night and didn't know where to look.

Hadn't yet checked this morning but you were correct that it did time out and I do have access via that client again.

Thanks for the tip on where to look!
Print
Go Up Pages1
User actions