Block invaild VPN user did not work now!

lcqxinyun · Wed Apr 24, 2019 2:26 pm

I used this filter to block invaild users since v.6.38.7, and it works prefect. CUZ the invaild cilent will continued reconnect my VPN port when I disable the user.

/ip firewall filter
add action=drop chain=input comment="Drop pptp invaild 7 Day" dst-port=1723 protocol=tcp src-address-list=pptp_blacklist
add action=add-src-to-address-list address-list=pptp_blacklist address-list-timeout=1w chain=input connection-state=new dst-port=1723 protocol=tcp src-address-list=pptp_stage3
add action=add-src-to-address-list address-list=pptp_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=1723 protocol=tcp src-address-list=pptp_stage2
add action=add-src-to-address-list address-list=pptp_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=1723 protocol=tcp src-address-list=pptp_stage1
add action=add-src-to-address-list address-list=pptp_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=1723 protocol=tcp

But now it didn't work when I upgrade to 6.43.11. How to fix this problem? It make my logs display a lot of record : "tcp connection established from XX.XX.XX.XX " . Thanks.

anav · Wed Apr 24, 2019 3:45 pm

post your config
/export hide-sensitive file=yourconfig

Block invaild VPN user did not work now!

Block invaild VPN user did not work now!

Re: Block invaild VPN user did not work now!