dono11
Oct 15, 2018 | Aspirant
Block inbound vpn address
I have been using VPN Tracker (MacBook Pro) and iOS (iPhone 6 and iPad Air) VPN to connect to my router. In the last 6 months I see a server from shadowserver.org trying to access my router. From VPN log. ...
schumaku
Oct 17, 2018 | Guru - Experienced User
JohnC_V wrote:
By default, it is already blocked. They cannot connect through VPN as they don't have credentials to have a handshake with your router. They may need to configure your router and configure the right credentials in order for it to work.
Seriously? The OP states that he has a firewall rule in place supposedly blocking the address range...
dono11 wrote:
I have an inbound 'All' service that blocks the entire address range. The shadowserver.org attempts to connect once a day.
...therefore these IP addresses must be blocked by the firewall before reaching the OpenVPN service port.
Assuming the firewall rules are set correctly - a clear bug in the firewall implementation! The firewall must deny the access _before_ a packet reaches any local services on the security appliance, too.
Of course, there are plenty of reasons why Netgear has never succeeded in this security appliance business, and the products are between EoL and dead.
Looking forward to BR500 and what is coming beyond - I hope Netgear is able to listen to the market now.
Regards,
-Kurt
PS. This is one of the reasons why I'm reiterating the need for configurable firewall rules for the upcoming Insight BR500 router.
dono11
Oct 17, 2018 | Aspirant
Here is my Inbound rule.