Improve visibility of Geo node allow-listing denies

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

The Geo allow list can enable a subnet-based allow list for the secondaries allowed to connect to it.

If this is misconfigured, or unintentionally blocking access to a Geo secondary, this is ~not obvious to debug, for example:

• All HTTP(s) object syncs fail with a 401 Unauthorized message
• Repository syncs fail with a fatal: could not read Username for .. error (which can be seen in a lot of other scenarios as well)

We should try to have more visibility that this happens, maybe an explicit log over on the primary when denying an IP, or a warning sign in the UI on the primary if the secondary connecting to it gets denied when updating the status.

A first step might also be documenting the possibility of this happening in the troubleshooting docs when all HTTP(s) objects fail to sync.