There is an IP address attempting to connect to create an IPsec VPN to my SonicWall. How to block
Rich65 Newbie ✭
About 6 months ago, an IP address (not one of mine) started to try to create an IPSEC VPN to my SonicWall. There is no policy for this connection, so the attempt fails and is logged. The problem is that they try to connect a few times a minute, 24/7. This is filling up my logs, cluttering them with static.
Is there a way to totally ignore a particular IP address so it never reaches the VPN engine?
I've tried blacklisting the IP address by creating an object and deny access rule, but it didn't work.
NSA2600 - 6.5
Category: Mid Range Firewalls
Welcome to the SonicWall community.
Have you created the access rule to block this IP from WAN to WAN?
You can say discard on the rule so that the firewall does not even respond to the initial packet sent from this source.
Technical Support Advisor, Premier Services
Thank you for the quick response.
I originally had WAN to ALL and DENY. Changing to WAN to WAN and DISCARD made no difference.
Do you have a requirement to have IPSec VPN enabled? If not, disable it.
If it's required you can create address objects for known tunnel peers, then edit the auto-created WAN to WAN, Any to WAN Interface IP, IKE rule to only allow traffic from the known peers.