Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 1769 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec Acess Block IP

Thomas P.
hello,

i want to block an ip from "trying" to connect via IPSec. the logfile is filling up every 10 seconds with the following lines. i tried to deny all access via package filtering, but i belive that's not the right way. an "IPSec connection" for this ip has existed, but does not exist anymore. i belive, the easiest way would be to stop the access tries from this company, but is ther also a solution at the firewall side?

maybe someone can give me an hint? thanks! 

2009:11:23-11:35:47 asg7 pluto[3617]: packet from ***.***.***.***:500: received Vendor ID payload [Dead Peer Detection]

2009:11:23-11:35:47 asg7 pluto[3617]: packet from ***.***.***.***:500: ignoring Vendor ID payload [da8e937880010000]

2009:11:23-11:35:47 asg7 pluto[3617]: packet from ***.***.***.***:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]

2009:11:23-11:35:47 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: responding to Main Mode from unknown peer ***.***.***.***

2009:11:23-11:35:47 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected

2009:11:23-11:35:47 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: next payload type of ISAKMP Identification Payload has an unknown value: 221

2009:11:23-11:35:47 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet

2009:11:23-11:35:47 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: sending encrypted notification PAYLOAD_MALFORMED to ***.***.***.***:500

2009:11:23-11:35:50 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: next payload type of ISAKMP Identification Payload has an unknown value: 221

2009:11:23-11:35:50 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet

2009:11:23-11:35:50 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: sending encrypted notification PAYLOAD_MALFORMED to ***.***.***.***:500

2009:11:23-11:35:53 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: next payload type of ISAKMP Identification Payload has an unknown value: 221

2009:11:23-11:35:53 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet

2009:11:23-11:35:53 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: sending encrypted notification PAYLOAD_MALFORMED to ***.***.***.***:500

2009:11:23-11:35:56 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: next payload type of ISAKMP Identification Payload has an unknown value: 221

2009:11:23-11:35:56 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet

2009:11:23-11:35:56 asg7 pluto[3617]: "S_REF_ykgMMOxKUF"[1] ***.***.***.*** #4777: sending encrypted notification PAYLOAD_MALFORMED to ***.***.***.***:500


This thread was automatically locked due to age.
Parents Reply Children
No Data