Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Brute force Outlook mail

Sanal_Babu
Nimbostratus
Nimbostratus

We have brute force enabled for exchange login url and few users who has multiple mail accounts configured in single device are getting blocked with "Brute Force: Maximum login attempts are exceeded ". As per my understanding ASM Brute force is only looking for failed login attempts against the configured URL. But user account is valid and using right credentials. How F5 is tracking it as failed logins?

 

BF settings

 

Detection Period 60 Minutes Maximum Prevention Duration 60 Minutes Username Trigger: After 10 failed login attempts Action: Alarm and Captcha

 

User who have 3 mail boxes configured in a single device is having trouble since the connection initiating from a single IP address.

 

Any thoughts ?

 

1 REPLY 1

yuova
Nimbostratus
Nimbostratus

hello ,

can you please share the configuration it doesn't work to me for owa .

i put the authentication login as " [ HTTPS] POST /owa/auth.owa "