02-07-2017 09:02 PM
I am trying to figure out why I get these connections when I do not have any ports open in my firewall, but the other question is do I need to worry about them?
I have a RV320 with Firmware Version:v1.3.2.02 (2016-09-23, 15:17:06).
2017-02-04, 19:53:49 ALLOW UDP 216.218.206.102:60108 -> XXX.XXX.XXX.130:500 on eth1
2017-02-04, 20:51:33 ALLOW UDP 216.218.206.106:33948 -> XXX.XXX.XXX.224:500 on eth2
Thanks
Roger
02-07-2017 09:54 PM
It seems like 216.x.x.x is trying to connect to your WAN somehow; however, the default ACL (iptables) will drop it if you do not allow it.
02-08-2017 04:41 AM
The RV320 by default listens on port 500 UDP; this is expected behaviour and cannot be changed at this time. A change request has been made to allow blocking UDP traffic to port 500 using the ACL; at this time it is unknown when this change will be implemented.
Port 500 UDP is used for IPSEC VPN; the traffic you are seeing consists of automated connection attempts and/or port scans carried out by shadowserver.org. If you don't use IPSEC VPN, disable it or keep it disabled.
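A small triage script for the log format quoted in this thread, added here as an example and not written by any of the posters or by Cisco: it tallies UDP/500 hits per source /24 and per day, so a pool of scanner addresses shows up as one entry. The sample lines are constructed (destination addresses are documentation placeholders), and clustering sources by /24 is an assumption of this example.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the log format quoted in the thread; the 203.0.113.x and
# 198.51.100.x addresses are documentation placeholders, not values from the page.
SAMPLE_LOG = """\
2017-02-04, 19:53:49 ALLOW UDP 216.218.206.102:60108 -> 203.0.113.130:500 on eth1
2017-02-04, 20:51:33 ALLOW UDP 216.218.206.106:33948 -> 203.0.113.224:500 on eth2
2017-02-04, 21:10:02 ALLOW TCP 198.51.100.7:51515 -> 203.0.113.130:443 on eth1
2017-02-05, 03:14:15 ALLOW UDP 216.218.206.102:41000 -> 203.0.113.130:500 on eth1
garbled line that should be skipped
"""

# [\w.]+ for addresses so redacted values such as XXX.XXX.XXX.130 still parse.
LINE_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}), (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<action>\w+) (?P<proto>\w+) "
    r"(?P<src>[\w.]+):(?P<sport>\d+) -> (?P<dst>[\w.]+):(?P<dport>\d+) "
    r"on (?P<iface>\S+)$"
)

def parse(log_text):
    """Yield one dict per well-formed firewall log line; skip anything else."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()

def ike_probe_summary(log_text, port="500", proto="UDP"):
    """Count hits on the IKE port per source /24 and list sources per day."""
    by_net = Counter()
    per_day = defaultdict(set)
    for e in parse(log_text):
        if e["proto"] == proto and e["dport"] == port:
            net = ".".join(e["src"].split(".")[:3]) + ".0/24"
            by_net[net] += 1
            per_day[e["date"]].add(e["src"])
    return by_net, {d: sorted(s) for d, s in per_day.items()}

if __name__ == "__main__":
    nets, days = ike_probe_summary(SAMPLE_LOG)
    for net, n in nets.most_common():
        print(f"{net}: {n} hit(s) on UDP/500")
    for day, srcs in sorted(days.items()):
        print(day, ", ".join(srcs))
```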
10-26-2017 07:18 AM
Thanks, refrainfrombeinglame.
Can you provide more information?
Cisco just released a firmware update (1.4xxx) and a fix for this was not included. That makes me worry that the issue is not known to Cisco.
09-04-2019 03:46 AM
Has there been any update to this?
I am getting the same probes on port 500 from shadowserver.org.
I am also now getting the same problem from some IPs in China and would really like to stop this probing that is now about 10 times a day.
09-04-2019 05:20 AM
No update that I have seen. I believe it is not allowing them through. Otherwise, I believe Cisco would patch it. It seems they would have to - to protect their reputation.
But I cannot tell that from the logs or the hacking I have done on the router. So the choice is to buy a Cisco service contract or buy new hardware. I don't mind giving Cisco money for the answer to this, but it's cheaper to buy new hardware -- and it looks like Cisco is not really set up for a home user to buy a single support contract. So I'll probably buy something else.