SFTP Gateway has an automatic IP banning feature that locks out SFTP users. This is intended to automate the blocking of scripted attacks.
However, in some environments, you might need to configure a proxy (such as a firewall appliance) in front of the SFTP Gateway EC2 instance. Depending on how it's set up, the IP banning feature could end up blocking the proxy's IP address if it can't figure out the original IP. This results in all SFTP users getting locked out repeatedly.
In this situation, you might consider disabling the IP banning feature altogether.
Disabling the Policy
SSH into the EC2 instance, and elevate your privileges to root:
Edit the file
/opt/sftpgw/application.properties and add the following line:
To apply your change, restart the Java service:
service sftpgw-admin-api restart
This will now disable the IP banning policy.