Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    block openvpn brute force attempts

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 3 Posters 1.2k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      pox
      last edited by

      I have a lot of brute force attempts on udp port 1194. Is there a way to block them somehow?
      Under firewall rules -> advanced there is a rate limit setting, but as far as i know it only works for tcp connections, not udp.
      Is this even possible?

      1 Reply Last reply Reply Quote 0
      • KOMK Offline
        KOM
        last edited by

        Change your OpenVPN rule on WAN so that it only allows connections from an IP alias. Put all trusted IPs in that alias.

        1 Reply Last reply Reply Quote 0
        • P Offline
          pete35
          last edited by

          Change the openvpn port from 1194 to something like 34768 . Block port 1194 afterwards.

          <a href="https://carsonlam.ca">bintang88</a>
          <a href="https://carsonlam.ca">slot88</a>

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            You could also take my approach, which is "I don't care". Let them rattle your doorknob all they want. You realize that your public IP is being probed and scanned all day every day, right? Not just your OpenVPN port. Don't obsess over blocks in your log. Liken it to your house. Do you worry about how many times somebody tries your door when you're not home?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.