Blocking UDP 500 from a specific source

mrjohnbravo · Oct 26, 2016, 3:18 AM

I have a rule in my "rules" section at the very top of the list to block UDP 500 from a source IP that was previously a Peer in an IPSEC VPN configuration. Now I want to block that former Peer IP but the rule doesn't work. And according to the logs the rule doesn't even get hit. The former peer is still trying to make a connection and I see it in my IPSEC logs every 3 seconds. I don't want that. I want to block that IP but it refuses to be blocked. What am I doing wrong here. I've also tried blocking on the IPSEC tab and the Floating tab. Nothing seems to keep it from generating a connection to my racoon daemon and trying to connect. Also notice that there is a state in the state table from that IP . Its a NO_TRAFFIC:SINGLE from the former Peer IP to my IP
Using ver 2.1.5

Late and frustrated.

Thanks for any ideas.

Derelict · Oct 26, 2016, 4:24 AM

Upgrade would be my guess.