Problem with MX67 and logs Non-Meraki / Client VPN

SOLVED
SimoneP
Conversationalist

Problem with MX67 and logs Non-Meraki / Client VPN

I have a problem with an MX67. In the logs I continuously see this repeating itself every moment:

Cattura.PNG

 

 

 

For this place and appliance, site-to-site is off as it is not needed. Only the option of the VPN client is active.

But currently no one is trying to VPN to the network. What are these logs due to?

1 ACCEPTED SOLUTION
DensyoV
Meraki Employee
Meraki Employee

Hi

 

just to add if you still see those logs, you can take a packet capture on the Internet interface of your MX to see which IP is it coming from, using the Wireshark application, use the filter udp.port==500

Please hit kudos if you found this post helpful and/or click "accept as solution" if this solved your problem.

View solution in original post

5 REPLIES 5
CptnCrnch
Kind of a big deal
Kind of a big deal

Client VPN is also based on IPSec (L2TP over IPSec to be strict).

 

Looks like somebody is connecting to your device, possibly simply portscanning. Another possibility could be a misconfigured client trying to get access.

DensyoV
Meraki Employee
Meraki Employee

Hi

 

just to add if you still see those logs, you can take a packet capture on the Internet interface of your MX to see which IP is it coming from, using the Wireshark application, use the filter udp.port==500

Please hit kudos if you found this post helpful and/or click "accept as solution" if this solved your problem.
SimoneP
Conversationalist

I confirm, I found the external ip. It comes from a well-known provider, I don't understand why.

SimoneP
Conversationalist

Meraki MX does it not offer the possibility to block an incoming address?

Hi,

 

The MX is definitely dropping all inbound traffic by default unless you configure 1:1 NAT, 1:Many NAT or port forwarding. However, it doesn't really have any control of the incoming traffic, it is up to your service provider if they can block certain traffic from reaching your MX.

Please hit kudos if you found this post helpful and/or click "accept as solution" if this solved your problem.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels