High number of unsuccessful VPN connection attempts - how to handle this?

Sharif_Ibrahim
Comes here often

High number of unsuccessful VPN connection attempts - how to handle this?

Hi everybody, I am the new one 😉

 

We have several MXs with client VPN activated and I can see in the event a lot (even so much that the event log can´t handle it) of unsuccessfuls connection attempts, which partly lead to an DoS, which means the regular clients are not able to connect.

 

Has anyone else also seen this and is there are a way to block such attempts?

 

I am thinking about something like fail2ban, after a number of unsuccessfu attempts the originating IP is blocked away for a certein period of time...

 

 

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal

Are they by chance from one specific country that you could block?

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings#Geo-IP_Based_F... 

Sharif_Ibrahim
Comes here often

Hi Philip,

 

thanks for your reply, this is an interesting idea, but unfortunately we don´t have the advanced security licence in place.

 

Does anyone see something similar in his/her event log?

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels