- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Changing the default VPN port
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Changing the default VPN port
Greetings,
Does anyone know how to change the default VPN port? I believe it's 500, and I have people banging away on mine, and I'd sleep better if I could change it to something less well-known.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Changing the default VPN port
Hello lightknightrr,
Welcome to the community!
Yes, by default it uses VPN port 500, ( for IPSec VPN's), port 1723 for PPTP VPN's, and port 1701 for L2tp- L2tp routing and remote access. They are open by default and I am not certain they can be changed but I can inquire it. What is the model number of the firewall you are using?
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Changing the default VPN port
The SRX5308.
Here's some of a log of the foreign traffic trying to connect to the VPN:
Thu Jan 26 20:59:43 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Could not find configuration for 216.218.206.102[25941] Thu Jan 26 15:01:00 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:57 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:54 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:51 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:49 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:47 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:45 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:44 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:43 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:41 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:39 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:38 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:36 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:33 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:32 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:30 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:27 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:26 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:21 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:20 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:18 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:17 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:16 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:14 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:13 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:11 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:11 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:09 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:08 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:08 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:05 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:03 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 15:00:00 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 14:59:58 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 14:59:56 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 14:59:55 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 14:49:34 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 14:49:29 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 14:49:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 14:49:19 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 14:49:14 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:59:14 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:59:10 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:57:55 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:57:14 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:56:51 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:56:39 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:56:32 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 09:56:28 2017((GMT-0500)) [SRX5308][System][VIPSECURE] unknown Informational exchange received. Thu Jan 26 01:00:07 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 01:00:05 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 01:00:01 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:58 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:55 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:54 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:52 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:52 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:49 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:48 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:46 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:46 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:43 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:42 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:40 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:39 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:37 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:36 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:34 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:33 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:31 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:30 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:28 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:27 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:25 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:23 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:21 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:20 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:18 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:17 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:16 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:15 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:15 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:12 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:11 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:10 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:08 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:04 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:03 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:59:02 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:45 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:42 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:39 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:36 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:33 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:32 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:30 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:29 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:27 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:26 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:24 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:23 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:21 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:20 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:18 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:17 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:15 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:14 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:12 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:11 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:09 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:08 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:07 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:05 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:03 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:02 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:02 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:13:01 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:59 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:58 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:56 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:55 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:54 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:53 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:50 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:49 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:48 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:45 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:42 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:42 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Thu Jan 26 00:12:40 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 66.215.165.175[500]. Wed Jan 25 21:19:09 2017((GMT-0500)) [SRX5308][System][VIPSECURE] Invalid exchange type 243 from 179.43.177.66[500].
There is also a number of these interspersed at intervals throughout that log, don't know if they are anything to worry about:
Wed Jan 25 21:40:14 2017((GMT-0500)) [SRX5308][Kernel][KERNEL] eth0.1: add {address redacted} mcast address to master interface Wed Jan 25 21:40:14 2017((GMT-0500)) [SRX5308][Kernel][KERNEL] eth0.1: del {redacted} mcast address from master interface
On another note, and I know it's a silly question, but while I am asking about changing the VPN port number, where is the interface to blacklist external IP addresses?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Changing the default VPN port
Hi lightknightrr,
I'll inquire about the VPN port question. To block an external IP, I believe the best way is to create an Inbound rule and make sure that the router is in stealth mode. ( see pages 140 and 171 in the user manual).
The inbound rule should look like the image below:
Thanks,