MPLS SECURITY

enock_moubongo
Community Member

DNS
|
Internet-----Firewall---switch-----CPE-----(MPLS VPN)

My problem is that on the customer firewall we see packets coming from other networks.

How come? MPLS is supposed to be secure.

------------------------------

Packet Warning: Packet (9.17.X.6X->9.133.X.X: Protocol=TCP[RST] Port 1533->1156) for interface 192.168.X.X was routed to interface ?? -- bogus destination address?

---------------------------------

Jan 08 14:28:31.165 srvhkkling kernel[0]: 343 Packet Warning: Packet (9.69.X.X->9.133.104.74: Protocol=TCP[RST] Port 1352->1455) for interface 192.168.X.X was routed to interface ?? -- bogus destination address?

------------------------

The customer doesn't have any network within the 9.X.X.X range.

According to the customer, packets don't come from the Internet side but from the VPN MPLS side.

Has someone already heard of that security problem and how to solve it?

1 Reply

ipotts
Level 4

MPLS VPN is only as secure as its configuration, similar to frame-relay, if the provider configures the wrong virtual circuit mapping. It looks like the provider has messed up their import configuration of the Route Descriptors.
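
An added example, not part of the thread or either poster's code: a Python script that parses the "Packet Warning" lines quoted in the question and counts flows where neither endpoint belongs to the customer, which is the evidence to hand to the provider when asking them to check the VPN's route import. The customer prefix list, the host name `fw1` and the sample addresses are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the prefixes the customer really uses inside the VPN.
CUSTOMER_PREFIXES = [ipaddress.ip_network("192.168.0.0/16")]

# "Packet Warning" format as quoted in the question.
WARNING_RE = re.compile(
    r"Packet \((?P<src>[\d.]+)->(?P<dst>[\d.]+): "
    r"Protocol=(?P<proto>\w+)(?:\[(?P<flags>\w+)\])? "
    r"Port (?P<sport>\d+)->(?P<dport>\d+)\)"
)

# Constructed sample lines (documentation ranges; the last one is redacted).
PREFIX = "Jan 08 14:28:31.165 fw1 kernel[0]: 343 Packet Warning: Packet "
TAIL = " for interface 192.168.1.1 was routed to interface ?? -- bogus destination address?"
SAMPLE = [
    PREFIX + "(198.51.100.7->203.0.113.9: Protocol=TCP[RST] Port 1352->1455)" + TAIL,
    PREFIX + "(198.51.100.20->203.0.113.9: Protocol=TCP[RST] Port 1533->1156)" + TAIL,
    PREFIX + "(198.51.100.7->192.168.1.10: Protocol=TCP Port 1352->1460)" + TAIL,
    PREFIX + "(9.17.X.6X->9.133.X.X: Protocol=TCP[RST] Port 1533->1156)" + TAIL,
]

def is_customer(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in CUSTOMER_PREFIXES)

def foreign_flows(lines):
    """Return parsed warnings where neither endpoint is a customer address."""
    hits = []
    for line in lines:
        m = WARNING_RE.search(line)
        if not m:  # not a warning line, or addresses redacted with X
            continue
        try:
            if is_customer(m["src"]) or is_customer(m["dst"]):
                continue
        except ValueError:  # digits and dots, but not a valid IPv4 address
            continue
        hits.append(m.groupdict())
    return hits

def summarize(hits, prefixlen=16):
    """Count foreign flows per source network of the given prefix length."""
    return Counter(
        str(ipaddress.ip_network(f"{h['src']}/{prefixlen}", strict=False)) for h in hits
    )

if __name__ == "__main__":
    print(summarize(foreign_flows(SAMPLE), 24))
```

Lines whose addresses were masked before posting cannot be classified and are skipped, so run it against the unredacted firewall log.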