[8.281][BUG][FIXED] L2TP over IPsec seen as UDP flood

The log is full of these beginning with the installation of 8.270. It's not now even though I'm connected.

2011:11:19-13:36:46 post ulogd[5037]: id="2105" severity="info" sys="SecureNet" sub="ips" name="UDP flood detected" action="UDP flood" fwrule="60013" initf="eth1" srcmac="0:14:f1:e5:A:B" dstmac="0:8:2:a4:X:Y" srcip="{Home IP}" dstip="{Astaro IP}" proto="17" length="80" tos="0x00" prec="0x00" ttl="123" srcport="1701" dstport="1701"

Cheers - Bob

Parents

0 BAlfson over 13 years ago

Unfortunately, I used the same drive for V8.270 as I had for 8.202 - the first version of V8 that I ran locally. I do still have a V7.511 drive from last month that I can look at, but this behavior is new.

I wonder if there wasn't a pattern update that caused this temporarily? In any case, Remote Access is blocked again, and I'm headed to to office in a few minutes to see if it's this problem or the other one I've reported.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 BAlfson over 13 years ago

Unfortunately, I used the same drive for V8.270 as I had for 8.202 - the first version of V8 that I ran locally. I do still have a V7.511 drive from last month that I can look at, but this behavior is new.

I wonder if there wasn't a pattern update that caused this temporarily? In any case, Remote Access is blocked again, and I'm headed to to office in a few minutes to see if it's this problem or the other one I've reported.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data