Unsolved
1 Rookie
•
5 Posts
0
192
January 27th, 2025 15:48
Locked out of scv3020 - CLI help?
Hi all. Somehow I think I've managed to lock myself out of my scv3020 unit on the network. I was testing ACL settings to try and stop any management access but for a handful of IPs, but after I set what I thought was correct, I'm now locked out from the LAN, or from an off site IP via VPN.
Luckily I still have local serial access, and when connected, if I try and connect via the controller IP, or the Storage Management app, I get the error
CreateAPISession: Failed because IP is blocked
Can anyone help me remove the ACL block/list via command line?
Thanks in advance
DELL-Charles R
Moderator
•
4.4K Posts
0
January 27th, 2025 20:53
Hello,
This user posted that these steps worked; you may like to view them:
How to reset password on Storage System Dell SCv3020
https://dell.to/3WAGHk4
If that does not work for you, you will need to contact Support directly and an engineer can work with you in a remote session. The forum is not capable of doing remote sessions.
NeilPotterMission
1 Rookie
•
5 Posts
0
January 27th, 2025 21:00
Thanks Charles.
I do not need to reset the password as it has not been changed.
Any network sessions are being blocked by an ACL lockout.
I am looking to know the CLI commands to edit / remove the ACL access settings.
This unit is no longer in support so I know that Dell enterprise support will not help with a remote session without a huge charge, so I was asking for advice on the commands on the community.
DELL-Charles R
Moderator
•
4.4K Posts
0
January 27th, 2025 21:48
Hello,
Run mc ipflt delete
KB article: 000189472
https://dell.to/3PSDfxl
NeilPotterMission
1 Rookie
•
5 Posts
0
January 28th, 2025 09:38
Thanks Charles.
mc ipflt is certainly the correct area, but the delete command doesn't work, and is not listed under "mc ipflt ?"
The article number posted cannot be found, and the link doesn't work. I assume this may be an internal only document?
However, I can see the IP Filter that I put in place.
I just can't work out how to edit or delete it from the help commands.
(edited)
DELL-Erman O
Moderator
•
2.8K Posts
0
January 28th, 2025 10:22
Hi,
The link seems to be working. Could you try logging in and opening the link again, please? If you still haven't reached the article, please let us know.
NeilPotterMission
1 Rookie
•
5 Posts
0
January 28th, 2025 11:43
When I click that link it asks me to log in. Once logged in I get the Page Not Found.
And if I search for the article number, nothing shows up.
DELL-Charles R
Moderator
•
4.4K Posts
0
January 28th, 2025 13:43
Hello, this is the text of the KB article:
SC Series: "Invalid Login Credentials" error when starting a DSM session with access filters enabled
Symptoms
When trying to access the SC by using DSM and a set of verified credentials, an "Invalid Login Credentials" error is displayed on the login screen.
Example:
Cause
The blocked management access is caused by an IP access filter configured on the MC subsystem. Access filters can be created to selectively allow administrative access to a Storage Center based on IP address, user privilege level, or user name. When one or more access filters are defined, administrative connections that do not match an access filter are denied.
Resolution
If one encounters this issue, please contact Dell Technologies Technical Support and reference this Knowledge Base Article.
Internal Notes
Additional Notes on Symptoms:
NOTE: The "Invalid Login Credentials" message is not specific for this particular failure. Although it points to invalid credentials being used, many failure scenarios can display this particular error without revealing any clue about the underlying failure. To discard other possibilities, activate the console debug log on both controllers and retry the login request.
When using the iDRAC, KVM, serial or remote SSH and activating log dispon debug on both controllers, a "CreateAPISession: Failed because IP x.x.x.x is blocked" error appears every time a login request takes place.
When reading the System Logs with WebCST, several "Login Session failed due to Access Denied via IP filter" messages can be observed.
Example:
04/22 02:29:08 AM httpd [error] [ 8047] : [80] : authenticate_user: [Basic] : [Admin] : [192.168.3.12] : [OK]
04/22 02:29:08 AM MC Login Session failed due to Access Denied via IP filter, username Admin from host 192.168.3.12
...
04/22 02:29:09 AM httpd [error] [ 8047] : [80] : authenticate_user: [Basic] : [Admin] : [192.168.3.12] : [OK]
04/22 02:29:09 AM MC Login Session failed due to Access Denied via IP filter, username Admin from host 192.168.3.12
...
Additional Notes on Cause:
The MC:AccessIPFilter table contains the current configured access filters. This table can be seen using WebCST by navigating to the System State section and selecting the proper Phone Home Date > MC > AccessIPFilter table. Using the CLI, the mc ipflt show command displays the same access filter table.
Example:
mc ipflt show
sn######>
Inde UserName UserPriv HostIP1 HostIP2 TimeStart TimeEnd
==== ==================== ========== ================ ================ ============ ============
1 * 8 192.168.14.1 192.168.14.254
2 * 8 192.168.6.12 192.168.6.32
Walk: Display 2 of 2
Resolution:
The quickest way to restore access is to delete all the configured filters from the table by using the mc ipflt delete command (from the iDRAC, KVM, serial or remote SSH). Once they are deleted, the management access should be restored. If there is a need to configure back new access filters, execute the following steps:
NeilPotterMission
1 Rookie
•
5 Posts
0
January 28th, 2025 16:28
Thanks Charles.
I'm afraid it doesn't work.
mc ipflt show gives me the info showing the IP Filter in place.
But mc ipflt delete just tells me there is no delete command.
It almost feels that although I am logged into the device as the main admin, I don't have the rights to make the change.
DELL-Charles R
Moderator
•
4.4K Posts
0
January 28th, 2025 18:01
Hello,
I'm sorry that didn't work.
Do you have the ability to contact support directly so an engineer can do a remote session with you to get a look?
The forum isn't capable of doing that type of remote engagement.
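Added example, not part of any post in this thread or of Dell's KB article: a Python sketch that takes the `mc ipflt show` table and the system log lines quoted in the KB text above and reports which logins had valid credentials but fell outside every access filter. It assumes HostIP1..HostIP2 is an inclusive range and that `*` in UserName matches any user; the function names are hypothetical.

```python
import ipaddress
import re

# Sample data taken from the KB example quoted in this thread
# (column spacing reconstructed for readability).
IPFLT_SHOW = """\
Inde UserName             UserPriv   HostIP1          HostIP2          TimeStart    TimeEnd
==== ==================== ========== ================ ================ ============ ============
1    *                    8          192.168.14.1     192.168.14.254
2    *                    8          192.168.6.12     192.168.6.32
Walk: Display 2 of 2
"""
SYSLOG = """\
04/22 02:29:08 AM httpd [error] [ 8047] : [80] : authenticate_user: [Basic] : [Admin] : [192.168.3.12] : [OK]
04/22 02:29:08 AM MC Login Session failed due to Access Denied via IP filter, username Admin from host 192.168.3.12
"""

ROW = re.compile(r"^\s*(\d+)\s+(\S+)\s+(\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)")
DENY = re.compile(r"Access Denied via IP filter, username (\S+) from host (\S+)")
AUTH_OK = re.compile(r"authenticate_user: \[Basic\] : \[(\S+)\] : \[(\S+)\] : \[OK\]")

def parse_filters(text):
    """Return [(index, username, first_ip, last_ip)] from 'mc ipflt show' output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)  # header, separator and 'Walk:' lines do not match
        if m:
            rows.append((int(m[1]), m[2],
                         ipaddress.ip_address(m[4]), ipaddress.ip_address(m[5])))
    return rows

def matching_filter(filters, user, host):
    """Index of the first filter covering user/host, or None (connection denied).
    Assumption: inclusive IP range, '*' matches any user name."""
    ip = ipaddress.ip_address(host)
    for idx, name, lo, hi in filters:
        if name in ("*", user) and lo <= ip <= hi:
            return idx
    return None

def filter_denials(log):
    """(user, host) pairs whose credentials were accepted but the IP filter refused."""
    accepted = set(AUTH_OK.findall(log))
    return sorted({d for d in DENY.findall(log) if d in accepted})

if __name__ == "__main__":
    filters = parse_filters(IPFLT_SHOW)
    for user, host in filter_denials(SYSLOG):
        print(user, host, "matched filter:", matching_filter(filters, user, host))
```

Running `matching_filter` against a planned filter list with your own management workstation and VPN addresses before applying it shows whether the change would cut off your own access.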