Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

IKE resource exhaustion DoS

Has anyone come up with any possible way of mitigating the recent IKE DoS discovered by NTA at the perimeter of the network before it compromise any IKE devices, especially RA and Site-to-Site VPNs? Cisco response doesn't identify any workaround at this time.

http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html

http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html

1 REPLY
Community Member

Re: IKE resource exhaustion DoS

I don't think there are any workarounds as of now. However, there is bug tracking this issue:CSCse70811

150
Views
0
Helpful
1
Replies
CreatePlease to create content