bluepoint
Very Senior Member
Trying IPsec VPN Server On an RT-AX88U A3 for 3 days now and it seems attracting some visitors at least once a day from the same IP block. Is this a normal probe that eventually they'll figure it out? It's very simple to setup and the iOS phones has native clients built-in but eventually OPenVPN is where I'll settle which I think is safer as RMerlin constantly updates it. What do you think of the log?
Code:
Nov 26 19:27:07 08[NET] received packet: from 216.218.206.102[42261] to 100.xx.xx.xxx[500] (64 bytes)
Nov 26 19:27:07 08[ENC] parsed ID_PROT request 0 [ SA ]
Nov 26 19:27:07 08[IKE] 216.218.206.102 is initiating a Main Mode IKE_SA
Nov 26 19:27:07 08[CFG] received proposals: IKE:CAST_CBC
Nov 26 19:27:07 08[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Nov 26 19:27:07 08[IKE] no proposal found
Nov 26 19:27:07 08[ENC] generating INFORMATIONAL_V1 request 3362235645 [ N(NO_PROP) ]
Nov 26 19:27:07 08[NET] sending packet: from 100.xx.xx.xxx[500] to 216.218.206.102[42261] (56 bytes)
I'm curious why the server is offering information to the scanner if that's what the last line is doing?
