DOS attack on vpn 3000 concentrator

Hi, I have received a log on my Cisco VPN 3000 concentrator stating....

L Internet Key Exchange (IKE) Phase-1 Denial of Service *Delinquent 2009-09-09 2009-10-09

Now what do I need to do to gather more information pertaining to this DoS attack, and how do I prevent it from occurring?

I would also appreciate any study material on these 3 types of VPN: c2s, s2s and SSH/SSL VPN.

Regards,

Uzair.

1 Reply

Ivan Martinon
Level 7

First you have to be aware that the CVPN is kind of a legacy technology, and some of the vulnerabilities that IKE has presented in the past might be present on this box. The important part to cover here is to make sure that your box does not have a weak IKE policy enabled, which will include DES, MD5 and DH1. If this is an IKE policy that you have enabled, then make sure it is disabled, since it is easily breakable.

Unfortunately there is no feature on the CVPN that will rate or prevent unknown IKE requests, but disabling these combinations might help.

As for the study materials, you can go ahead and read the user's guide for this box.
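
The check suggested in the reply above, sketched as an added example that is not part of the original thread or any Cisco tool: it audits a list of active IKE proposals and reports which ones use DES, MD5 or DH group 1. The proposal names, the `name: encryption, hash, DH group` layout and the choice to flag each weak primitive on its own are assumptions of this example; the sample data is constructed.

```python
import re

# Weak primitives named in the reply: DES, MD5 and DH group 1.
WEAK_ENC, WEAK_HASH, WEAK_DH = {"DES"}, {"MD5"}, {1}

# Constructed sample of active IKE proposals (assumed layout, not real device output).
SAMPLE = """\
IKE-DES-MD5: DES-56, MD5/HMAC-128, Group 1 (768-bits)
IKE-3DES-MD5: 3DES-168, MD5/HMAC-128, Group 2 (1024-bits)
IKE-AES128-SHA: AES-128, SHA/HMAC-160, Group 2 (1024-bits)
IKE-3DES-SHA-DH1: 3DES-168, SHA/HMAC-160, Group 1 (768-bits)
"""

def parse_proposal(line):
    """Split one 'name: enc, hash, group' line into normalized fields."""
    name, sep, rest = line.partition(":")
    fields = [f.strip() for f in rest.split(",")]
    if not sep or len(fields) != 3:
        raise ValueError(f"unrecognized proposal line: {line!r}")
    enc, hsh, dh = fields
    group = re.search(r"Group\s+(\d+)", dh)
    if group is None:
        raise ValueError(f"no DH group in: {line!r}")
    return {
        "name": name.strip(),
        # Take the whole algorithm token so "3DES-168" is never read as "DES".
        "enc": enc.split("-")[0].upper(),
        "hash": re.split(r"[/-]", hsh)[0].upper(),
        "dh": int(group.group(1)),
    }

def audit(text):
    """Return {proposal name: [reasons]} for proposals that should be disabled."""
    findings = {}
    for line in filter(str.strip, text.splitlines()):
        p = parse_proposal(line)
        reasons = []
        if p["enc"] in WEAK_ENC:
            reasons.append("DES encryption")
        if p["hash"] in WEAK_HASH:
            reasons.append("MD5 hash")
        if p["dh"] in WEAK_DH:
            reasons.append("DH group 1")
        if reasons:
            findings[p["name"]] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(f"{name}: disable ({', '.join(reasons)})")
```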