Banning or throttling users making invalid connection attempts?

  • I have a good VPN setup going, but the log gets spammed by a lot of entries of the following form.

    Jul 23 03:28:45    racoon: ERROR: Invalid exchange type 243 from x.x.x.x[xxxxx].
    Jul 23 03:28:49    racoon: [x.x.x.x] ERROR: exchange Identity Protection not allowed in any applicable rmconf.

    Everything is secure, but it's still annoying to see this.  Is there a way I can transfer these IP's to blacklists, or perhaps at least throttle the rate of attempts on my VPN?  I'm not sure how to do this with IPSec on the firewall rules list.

Log in to reply