09-09-2024 04:22 PM
I am getting tons of attempts trying to access our ldap server on the inside network. The private IP is not accessible from the internet. Are they hammering on the webvpn interface? How do I block these?
09-10-2024 04:35 AM
Are you using the LDAP server to authenticate access to the ASA? If yes are you permitting access to the ASA on the outside interface (for example command ssh 0 0 outside and / or http 0 0 outside)?
09-10-2024 04:54 AM
Yes this is attack and we see for last year many same issue.
Use control ACL or shunt to drop these IP.
Note:- you can use country IP (each country uave it IP's) to block attack to asa
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide