Though I don't have any L2TP server configured. His this just info that some one is trying to connect even though no server exists?first L2TP UDP packet received from 154.89.5.115
-
-
mdadigital
newbie
- Posts: 34
- Joined:
Malicious L2TP requests in log
Like this
-
-
mdadigital
newbie
- Posts: 34
- Joined:
Re: Malicious L2TP requests in log
I really need to help with tnis. I ran a security test and I got this
Re: Malicious L2TP requests in log
Well, it does seem that even with L2TP server disabled, 1701 is not closed like others, e.g. netmap on unfirewalled device shows:
I'm not sure what exactly happens, but you can always use firewall to block access to it.
Code: Select all
PORT STATE SERVICE
1700/udp closed mps-raft
1701/udp open|filtered L2TP
1702/udp closed deskshare
Re: Malicious L2TP requests in log
Where is your config?????
/export file=anynameyouwish ( minus router serial number and any public WANIP information )
If running vers6 firmware use
/export hide-sensitive file=anynameyouwish ( minus router serial number and any public WANIP information )
/export file=anynameyouwish ( minus router serial number and any public WANIP information )
If running vers6 firmware use
/export hide-sensitive file=anynameyouwish ( minus router serial number and any public WANIP information )
-
-
mdadigital
newbie
- Posts: 34
- Joined:
Re: Malicious L2TP requests in log
Hey guys. I configured a L2TP VPN and in the process I changed the firewall setting to only accept L2TP packages that are ipsec encrypted. After that I stopped receiving malicious requests in the log. (Have only tried for a while so will keep looking out).
Thanks for feedback btw
Thanks for feedback btw