Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1221
Views
5
Helpful
2
Replies

emergency errors in log, ike, isakmp, config etc and no VPN/Ipsec configured

WebRaider
Level 1
Level 1

‎01-21-2020 04:04 AM - edited ‎02-21-2020 09:50 PM

Have an rv220w, which is configured with all remote, vpn, Ipsec etc. turned off (as far as I have understood) but still there ends up a number of strange log items.. making me believe it still have some of theses turned off functions active anyway..

Log example:

2011-01-01 00:00:42: [rv220w][IKE] INFO: IKE started
2020-01-19 152011-01-01 00:00:42: [rv220w][IKE] INFO: IKE started
2020-01-19 15:35:56: [rv220w][IKE] ERROR: packet shorter than isakmp header size.
2020-01-20 02:14:28: [rv220w][IKE] ERROR: Could not find configuration for 216.218.206.118[7749]
2020-01-21 01:22:11: [rv220w][IKE] ERROR: Could not find configuration for 216.218.206.110[17033]
2020-01-21 05:21:41: [rv220w][IKE] ERROR: the length of the isakmp header is too big.:35:56: [rv220w][IKE]

 

Can anyone please explain to me what I have missed/not understod and what these log items mean..

 

best regards, Tommy

0 Helpful
2 Replies 2

anythingyouwant
Level 1
Level 1

‎01-23-2020 11:38 AM

its a feature that is impossible to turn off and seems to be impossible to block even with the built in firewall feature. if you have the routers wan port connected to the internet then it is constantly being attacked by automated bots and you will soon have thousands entries in the log and the router will be very slow too. would be really nice if someone would add a button that allows turning this useless insecure and obsolete vpn feature off completely so its not visible to ddos attackers and exploiters.

the logs will be filled with thousands entries that look like this when the router is connected directly to the internet..

2020-01-21 23:02:31: [rv220w][IKE] ERROR:  Invalid exchange type 243 from 151.32.88.184[500].
2020-01-21 23:02:32: [rv220w][IKE] ERROR:  Invalid exchange type 243 from 151.32.88.184[500].
2020-01-22 02:52:11: [rv220w][IKE] ERROR:  Could not find configuration for 216.218.206.66[47606]
2020-01-23 02:29:27: [rv220w][IKE] ERROR:  Could not find configuration for 216.218.206.114[7616]
2020-01-23 08:53:29: [rv220w][IKE] ERROR:  packet shorter than isakmp header size.

Richard Burts
Hall of Fame
Hall of Fame
In response to anythingyouwant

‎01-25-2020 01:51 PM

There is a difference between not using a feature like IKE and turning that feature off. So can you tell us what you have done to turn off IKE?

 

Looking at the original post I see 6 messages about IKE generated over 20 days. And in every case it appears that IKE did not negotiate. As was mentioned in the other response if your router connects to the Internet then there will be many attempts to access your router. Some of those attempts will involve IKE. As long as there is no evidence that IKE ever negotiated I do not think it is worth much concern. In a related thought: does your router log how many attempts it receives on its Internet facing interface to telnet, or to send SNMP? Do you worry about those attempts?

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents