BloodyGoodBloke
Occasional Visitor
Hi there i have an old but trusty Asus RT-N66u router that i running the latest supported Merlin 380.70 code.
Recently i have noticed some hacking attempts on my Synology box and i have put in extra security steps on there. So i looked into the Asus router to see if there is anything happening on there. looking in the logs the only thing thats concerning me are the lines.
is this someone trying to connect to my openvpn? (nslookup shows M247.com which happens to be the same as several other IP/s that have been blocked on my Synology)
what can i do to secure the router other than the usual switch of Wan access, secure password, ddos and enable firewall (what rules should i have in firewall?) Can i block IPs at the router level? I still want access externally to my website on my Synology box and my VPN will guve me access to the router if needed.
Recently i have noticed some hacking attempts on my Synology box and i have put in extra security steps on there. So i looked into the Asus router to see if there is anything happening on there. looking in the logs the only thing thats concerning me are the lines.
Code:
Jun 18 21:54:11 openvpn[837]: 185.200.118.84 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 18 21:54:11 openvpn[837]: 185.200.118.84 TLS Error: TLS handshake failed
Jun 19 09:43:22 openvpn[837]: 185.200.118.55 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 19 09:43:22 openvpn[837]: 185.200.118.55 TLS Error: TLS handshake failed
Jun 19 18:32:49 openvpn[1036]: 185.156.177.81 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 19 18:32:49 openvpn[1036]: 185.156.177.81 TLS Error: TLS handshake failed
Jun 19 18:32:49 openvpn[1036]: 185.156.177.81 Fatal TLS error (check_tls_errors_co), restarting
Jun 19 21:39:52 openvpn[837]: 185.200.118.41 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 19 21:39:52 openvpn[837]: 185.200.118.41 TLS Error: TLS handshake failed
Jun 19 22:08:43 openvpn[837]: event_wait : Interrupted system call (code=4)
Jun 19 22:09:32 rc_service: httpd 287:notify_rc restart_logger
is this someone trying to connect to my openvpn? (nslookup shows M247.com which happens to be the same as several other IP/s that have been blocked on my Synology)
what can i do to secure the router other than the usual switch of Wan access, secure password, ddos and enable firewall (what rules should i have in firewall?) Can i block IPs at the router level? I still want access externally to my website on my Synology box and my VPN will guve me access to the router if needed.