We are configuring an MX-250 as a VPN Concentrator. It will handle client VPN connections and authenticate against a RADIUS server.
It is set up with port forwarding from our primary MX-250.
However, we are seeing blocks from our internal firewall rules.
For example, I get a tcp block on the source IP of 188.8.131.52 and source port of 443, with a target IP of 10.1.250.192 and target port of 61702.
It looks like the blocks are somehow reversed. The VPN client is at 10.1.250.192 and is trying to create a 443 connection to 184.108.40.206, but I get a block in the opposite direction.
Another example: According to our firewall, Google at 220.127.116.11 is trying to hit our VPN client for a DNS lookup on udp port 53. It is backwards!
Any ideas would be welcome. When we finally find the problem, I will post the answer.
Our network consultant analyzed the issue and made changes to the configuration of our VPN concentrator.
It is now working as expected.
Sorry that I do not have any more detailed information on why we were getting the weird traffic from the VPN concentrator.
Maybe he had it installed upside down. ha ha.
Are you talking about the port forwarding access rules (which you specify which IP's are allow access inbound) or the firewall rules (which work on the outbound leg - not the inbound leg)?