Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
Lotus

VPN Stopped Working...

By Lotus, in Networking

Recommended Posts

Lotus    0

Lotus
Posted

I have a VPN set up between two businesses, for some odd reason the whole thing stopped working.

 

Hardware is Symantec Firewall/VPN 100 at both locations. I have it set up like they say to on the website and documentation CD. We have static IP's which have not changed.

 

I notice we are under constant port scan attack...every 30-60 seconds.

 

 

* It was down all day yesterday and now it's up again, just checked. *

 

I was finally able to ping the computer behind the vpn/firewall at the other location.

 

What would cause it to keep going down? Even after reseting everything it still won't work.

 

When I pinged it a second ago, 1 of 4 pings made it... When I pinged again, 2 made it, then the third time all pings made it and didn't time out.

 

I don't understand why it works "some" times.

 

All the settings have been gone over time and time again, by two different people.

Share this post

Link to post

sapiens74    0

sapiens74
Posted

Sound like a DOS attack if you are under constant attack. THat would cause them to time out. otherwise try something, like chaning ip addresses at both ends.

Share this post

Link to post

Lotus    0

Lotus
Posted

I have talked to a few other people who also said that the DOS would cause the VPN to go down. If I change IP addresses (which are static right now) wouldn't the problem just come back? Is there anything I can do settings wise, that would help? Or is changing the IP the way I'll have to go?

Share this post

Link to post

Lotus    0

Lotus
Posted

I just went to try and log into the router...I can't even get into it. Same thing happened with it yesterday. Took like an hour before I was able to log into it. Strange. Maybe my switch is on the fritz.

Share this post

Link to post

Lotus    0

Lotus
Posted

Log

UTC Time Message Source

08/07/2003 23:30:19.91 Port Scan attack !!! 24.148.65.79:3374

08/07/2003 23:30:28.91 Port Scan attack !!! 24.148.65.79:3374

08/07/2003 23:46:54.66 Port Scan attack !!! 24.28.62.172:2294

08/07/2003 23:47:03.61 Port Scan attack !!! 24.28.62.172:2294

08/07/2003 23:55:35.91 Port Scan attack !!! 67.20.174.52:4736

08/07/2003 23:56:05.31 Port Scan attack !!! 67.20.174.52:4896

08/08/2003 00:00:41.71 Port Scan attack !!! 24.53.0.136:2842

08/08/2003 00:00:50.61 Port Scan attack !!! 24.53.0.136:2842

08/08/2003 00:05:47.86 Port Scan attack !!! 67.20.164.108:1596

08/08/2003 00:19:26.31 Port Scan attack !!! 66.188.195.206:3486

08/08/2003 00:27:45.41 Port Scan attack !!! 218.90.178.145:2315

08/08/2003 00:31:52.86 Port Scan attack !!! 203.192.11.30:1065

08/08/2003 00:33:24.81 Port Scan attack !!! 218.15.192.64:30099

08/08/2003 00:52:29.56 Port Scan attack !!! 67.20.174.52:2102

08/08/2003 00:56:20.71 Port Scan attack !!! 62.62.139.253:3833

08/08/2003 00:57:39.86 Port Scan attack !!! 67.20.77.111:2836

08/08/2003 01:02:57.91 Port Scan attack !!! 61.177.227.45:2077

08/08/2003 01:22:36.11 Port Scan attack !!! 24.209.175.44:2281

08/08/2003 01:22:51.91 Port Scan attack !!! 24.209.175.44:2281

08/08/2003 01:23:07.96 Port Scan attack !!! 24.209.175.44:2281

08/08/2003 01:31:00.76 Port Scan attack !!! 67.20.187.62:3670

08/08/2003 01:41:58.61 Port Scan attack !!! 12.248.64.98:4361

08/08/2003 01:48:32.11 Port Scan attack !!! 218.15.192.64:30099

08/08/2003 02:01:21.36 Port Scan attack !!! 67.20.221.200:1945

08/08/2003 02:24:18.46 Port Scan attack !!! 67.20.76.159:4857

08/08/2003 02:24:27.51 Port Scan attack !!! 67.20.76.159:4857

08/08/2003 02:37:26.36 Port Scan attack !!! 67.20.76.159:4883

08/08/2003 02:37:35.31 Port Scan attack !!! 67.20.76.159:4883

08/08/2003 02:49:01.61 Port Scan attack !!! 67.20.81.212:3612

08/08/2003 02:58:09.66 Port Scan attack !!! 67.20.76.159:4108

08/08/2003 02:58:18.61 Port Scan attack !!! 67.20.76.159:4108

08/08/2003 03:02:26.31 Port Scan attack !!! 67.117.23.149:3142

08/08/2003 03:02:35.31 Port Scan attack !!! 67.117.23.149:3142

08/08/2003 03:06:24.31 Port Scan attack !!! 67.20.33.55:3674

08/08/2003 03:07:24.16 Port Scan attack !!! 218.15.192.64:30099

08/08/2003 03:10:50.36 Port Scan attack !!! 65.88.92.140:1474

08/08/2003 03:10:56.31 Port Scan attack !!! 65.88.92.140:1474

08/08/2003 03:21:25.01 Port Scan attack !!! 12.255.148.153:2647

08/08/2003 03:21:34.01 Port Scan attack !!! 12.255.148.153:2647

08/08/2003 03:22:25.06 Port Scan attack !!! 67.20.76.159:3841

 

==============================================

 

Here is part of the log...I removed my IP

 

Most are TCP and UDP..there were also like 7 or 8 HTTP as well.

 

 

The log from our other business looks just like this. Filled with port scan attacks etc..

Share this post

Link to post

Lotus    0

Lotus
Posted

ANy idea what would make the connection intermittent "some days"?

Share this post

Link to post

sapiens74    0

sapiens74
Posted

If you are getting those kinds of attacks, you need to speak with your ISP about filtering the traffic before it gets to you.

Share this post

Link to post

Lotus    0

Lotus
Posted

I'll give them a call today to see what they can do. That log is one of 4 pages filled with attacks. It's kind of annoying heh.

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Networking
×