On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different IP's around the world. I have disabled the VPN Portal to stop this, but this breaks our ssl vpn and provisioning. I have put in place blocked countries and blocked malware IP groups, but this is a game of wack-a-mole. Our VPN Portal is not even using the default 443 port. Is there anything else that could be done?
Added TAGs
[edited by: Raphael Alganes at 2:41 AM (GMT -7) on 9 Sep 2024]
