Hi there,
today I really had to block traffic coming from a specific IP going to my UTM 9.705-3 trying massive IPSEC logins.
Adding a firewall rule at #1 position did not work so I added a DNAT-rule to NAT all traffic coming from this IP going to my UTM to 240.x.x.x. and placed it on top of all NAT-rules.
But my IPSEC-log shows me that I am still flooded by this IP.
How can I protect my network when everything is passing my rules?
Thank you -
Chris
PS:
And: why does an "iptables - L | grep IP-address" does not show my filter rule?
This thread was automatically locked due to age.