Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts with replies and give us your feedback.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
115531
Views
37
Helpful
169
Replies

Security Center

JessIT1
Level 4
Level 4

‎02-06-2024 05:27 AM

Morning all: Saw this Source - IP with Action - Allowed on (2) of our firewall's external WAN IP's as the Destination.

Not sure why it was allowed..

I immediately added 95.214.52.173:500 & 95.214.52.173 to our Meraki Content Filtering - URL Filtering Block List and added a Layer 7 Deny rule for 95.214.52.173:500

image.jpegimage.jpeg

image.jpeg

Labels:
0 Helpful
169 Replies 169

nishmeNtic
Level 1
Level 1

‎08-27-2024 05:17 AM

3 new IP's - this is getting out of hand.

98.27.28.1

69.69.69.70

98.27.12.6

0 Helpful

JessIT1
Level 4
Level 4
In response to nishmeNtic

‎08-27-2024 05:19 AM

yep, got those as well, added to my layer 7, layer 3 deny list, crazy.

0 Helpful

james.thornhill1
Community Member
In response to nishmeNtic

‎08-27-2024 05:22 AM

Yep, added those to my ever growing list too

james.thornhill1
Community Member

‎09-12-2024 06:01 AM

Some new IP's to block

87.120.166.69:500
87.120.166.70:500
70.70.70.72:500
87.120.166.231:500
87.120.166.69:500

0 Helpful

JessIT1
Level 4
Level 4

‎09-19-2024 08:01 AM

I also received those IP's. However I recently replaced 3 of my firewalls that could no longer could receive firmware updates, and now the Zyxel unauthenticated IKEv2 command injection attempt and Zyxel unauthenticated IKEv2 overflow attempts that have been plaguing our MX's since February now show blocked instead of allowed..so I guess getting these MX's up to the latest MX 18.211.2 version allowed the

Intrusion detection and prevention to block..strange.

0 Helpful

nishmeNtic
Level 1
Level 1
In response to JessIT1

‎09-19-2024 08:09 AM

Which MX couldn't receive updates? Which model are you using now? Thanks

0 Helpful

dunky
Level 9
Level 9
In response to nishmeNtic

‎09-19-2024 08:12 AM

I've got the issue on an MX84 which cannot be upgraded (its on 18.107.11), although its running at 33%+ utilization which may be the issue rather than the firmware version

0 Helpful

nishmeNtic
Level 1
Level 1
In response to dunky

‎09-19-2024 08:13 AM

same, i just checked it wont allow firmware upgrades higher on MX84. I got to check when these will be eol.

0 Helpful

dunky
Level 9
Level 9
In response to nishmeNtic

‎09-19-2024 08:15 AM

MX84 End-of-Support is Oct 31, 2026

JessIT1
Level 4
Level 4
In response to dunky

‎09-19-2024 08:19 AM

Wow, 2026, might have jumped the gun then.. My thought was just since firmware updates had reached EOL that I did not want any lapse in security to be our downfall. And again, odd that after I upgraded all those rogue IP's showing allowed, now show blocked, maybe a coincidence..

0 Helpful

dunky
Level 9
Level 9
In response to JessIT1

‎09-19-2024 08:22 AM

@JessIT1 What utilization was the old MX running at compared to the new one?

0 Helpful

JessIT1
Level 4
Level 4
In response to dunky

‎09-19-2024 08:24 AM

Not sure, did not check that. How do you check an MX's utilization?

0 Helpful

JessIT1
Level 4
Level 4
In response to nishmeNtic

‎09-19-2024 08:13 AM

MX64, MX64W, MX84 could not go past 18.200. Now using MX 67, MX67W, MX95

0 Helpful

nishmeNtic
Level 1
Level 1
In response to JessIT1

‎09-19-2024 08:14 AM

another cash grab to update all these older ones.

JessIT1
Level 4
Level 4
In response to nishmeNtic

‎09-19-2024 08:26 AM

We were going on 8 years of running those 3 MX's we replaced.

0 Helpful
Customers Also Viewed These Support Documents