cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

High number of unsuccessful VPN connection attempts - how to handle this?

Just browsing

High number of unsuccessful VPN connection attempts - how to handle this?

Hi everybody, I am the new one 😉

 

We have several MXs with client VPN activated and I can see in the event a lot (even so much that the event log can´t handle it) of unsuccessfuls connection attempts, which partly lead to an DoS, which means the regular clients are not able to connect.

 

Has anyone else also seen this and is there are a way to block such attempts?

 

I am thinking about something like fail2ban, after a number of unsuccessfu attempts the originating IP is blocked away for a certein period of time...

 

 

2 REPLIES 2
Kind of a big deal

Re: High number of unsuccessful VPN connection attempts - how to handle this?

Are they by chance from one specific country that you could block?

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings#Geo-IP_Based_F... 

Just browsing

Re: High number of unsuccessful VPN connection attempts - how to handle this?

Hi Philip,

 

thanks for your reply, this is an interesting idea, but unfortunately we don´t have the advanced security licence in place.

 

Does anyone see something similar in his/her event log?

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.