Firepower FDM GUI

softdevca · ‎04-04-2025

I currently have a Firepower 2100 series and was testing the number of failed login attempts to confirm there was a setting enabled. It appears to have a faillock set after 3 failed attempts with a 5 minute lock before the user can attempt to log in again. I've looked through various Firepower documentation but I cannot locate where this setting is located in order to modify it. Any help or guidance is greatly appreciated. Thanks!

marce1000 · ‎04-04-2025

- FYI :https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos261/web-guide/b_GUI_FXOS_ConfigGuide_261/user_management.html#id_24880

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Rob Ingram · ‎04-05-2025

@softdevca there is the FTD CLI command configure user maxfailedlogins.

"To set the maximum number of consecutive failed logins for a user, use the configure user maxfailedlogins command."

configure user maxfailedlogins <username> <number>

https://www.cisco.com/c/en/us/td/docs/security/firepower/command_ref/b_Command_Reference_for_Firepower_Threat_Defense/c_3.html#wp1770881183

softdevca · ‎04-07-2025

Marce/Rob,

Thanks for those reference guides however I believe those are the commands to configure via console cable connection rather than the IP GUI FDM CLI. I attempted the maxfailedlogins command in the CLI console (see attached screenshot) of the GUI page however I receive a "This command is not supproted" error. Are you not able to change the default setting for an admin user account?