IPSec connection attempt isn't blocked.
-
Hi.
Each evening I see an entry for 216.218.206.118 in my IPSEC logs.
It never gets connected but it shows up each night. So I decided to add some rules to try and block it.
On WAN I added
BLOCK TCP v4 * from 216.218.206.118
On IPSEC I added
BLOCK TCP v4 * from 216.218.206.118
Yet I still see it trying to connect. Is there any way I can block it?
Thanks.
-
Quick update. My original post was wrong.
The rules are :
On WAN I added
BLOCK IPv4 any from 216.218.206.118
On IPSEC I added
BLOCK IPv4 any from 216.218.206.118
Why doesn't this stop the connections?
-
Why doesn't this stop the connections ?
Because when configuring a VPN, hidden firewall rules are automatically added to allow the corresponding traffic in. I would assume that you allow mobile clients in as then the source address of the above mentioned hidden rules is set to any.
You could disable these VPN rules from being automatically created (System, Advanced, Firewall and NAT, Disable Auto-added VPN rules) but then you'd have to manually add your own rules on the WAN interface to allow the legitimate IPsec traffic.
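
The effect described in the reply above, as an added example that is not part of the original posts and is not pfSense code: a small first-match model of the WAN ruleset, with the auto-added VPN rules on and then replaced by manual rules placed below the block. Assumptions: the hidden rules are matched ahead of the rules on the WAN tab, they pass IKE (UDP 500), NAT-T (UDP 4500) and ESP from any source, and 198.51.100.7 is a constructed address standing in for a legitimate mobile client.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "pass" or "block"
    proto: Optional[str]   # "udp", "esp", or None for any protocol
    src: str               # source network in CIDR form
    dport: Optional[int]   # destination port, None for any
    label: str

class Packet(NamedTuple):
    proto: str
    src: str
    dport: Optional[int]

ANY = "0.0.0.0/0"
USER_BLOCK = Rule("block", None, "216.218.206.118/32", None, "user block")

def ipsec_pass(src: str, tag: str) -> list:
    """Pass rules for the traffic an IPsec tunnel needs on WAN."""
    return [Rule("pass", "udp", src, 500, f"{tag} IKE"),
            Rule("pass", "udp", src, 4500, f"{tag} NAT-T"),
            Rule("pass", "esp", src, None, f"{tag} ESP")]

def wan_ruleset(auto_vpn_rules: bool) -> list:
    # Assumption: auto-added VPN rules sit ahead of the user's WAN rules.
    if auto_vpn_rules:
        return ipsec_pass(ANY, "auto") + [USER_BLOCK]
    # Auto rules disabled: the user's block goes above the manual passes.
    return [USER_BLOCK] + ipsec_pass(ANY, "manual")

def evaluate(rules: list, pkt: Packet) -> tuple:
    """First matching rule wins; anything unmatched is dropped."""
    for r in rules:
        if r.proto not in (None, pkt.proto):
            continue
        if ip_address(pkt.src) not in ip_network(r.src):
            continue
        if r.dport not in (None, pkt.dport):
            continue
        return r.action, r.label
    return "block", "default deny"

if __name__ == "__main__":
    scanner = Packet("udp", "216.218.206.118", 500)   # host from the thread
    client = Packet("udp", "198.51.100.7", 500)       # constructed client
    for auto in (True, False):
        rules = wan_ruleset(auto)
        print(auto, evaluate(rules, scanner), evaluate(rules, client))
```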