Dear colleagues,
I’ve been suffering lately from many connectivity attempts via IPSEC and as a result, the logs of the Mikrotik equipment I manage are full of entries and information.
The events I usually receive are these:
ipsec,error: phase1 negotiation failed due to time up
ipsec, error phase1 negotiation failed.
ipsec,error failed to pre-process ph1 packet (side: 1, status 1).
ipsec,error failed to get valid proposal.
ipsec, error no suitable proposal found.
I would like to know if there is any functional script that identifies any of these messages above and blacklists the destination IP?
I found this post here on the forum but unfortunately no one responds and the post’s script ends up putting 0.0.0.0 on the blacklist.
http://forum.mikrotik.com/t/black-list-for-failed-login-to-ipsec-vpn/130090/1
Can anybody help me ?