I have a problem with an MX67. In the logs I continuously see this repeating itself every moment:
For this place and appliance, site-to-site is off as it is not needed. Only the option of the VPN client is active.
But currently no one is trying to VPN to the network. What are these logs due to?
Solved! Go to solution.
Hi
just to add if you still see those logs, you can take a packet capture on the Internet interface of your MX to see which IP is it coming from, using the Wireshark application, use the filter udp.port==500
Client VPN is also based on IPSec (L2TP over IPSec to be strict).
Looks like somebody is connecting to your device, possibly simply portscanning. Another possibility could be a misconfigured client trying to get access.
Hi
just to add if you still see those logs, you can take a packet capture on the Internet interface of your MX to see which IP is it coming from, using the Wireshark application, use the filter udp.port==500
I confirm, I found the external ip. It comes from a well-known provider, I don't understand why.
Meraki MX does it not offer the possibility to block an incoming address?
Hi,
The MX is definitely dropping all inbound traffic by default unless you configure 1:1 NAT, 1:Many NAT or port forwarding. However, it doesn't really have any control of the incoming traffic, it is up to your service provider if they can block certain traffic from reaching your MX.