What is IKE and what has someone done in my USG40W ?
![[Deleted User]](https://us.v-cdn.net/6029482/uploads/defaultavatar/nN4PAQRO7TCNP.jpg)
[Deleted User]
Posts: 51 
Ally Member
Ally Member
Since opening a NAT Port Forward I am keeping a close eye on logs lately and everything seems ok but for this entry I discovered a few minutes ago:
What does that mean and what has it done to my device?
There is nothing additional configured on the device, no VPN, no accounts, no vlan, or anything else
0
All Replies
-
IMVHO someone try to... connect via IPSec.0
-
...and suceeded, or not?Most other entries in my log shows BLOCKED when conn is blocked. This does not.And here is another entry:
0 -
It seems someone is trying to build vpn to your device. Try to add a new security policy rule to block the suspect source IP or Geo IP.New RuleFrom: WANTo: ZyWALLSource: suspect source IP or Geo IPService: anyAction: denyIf you're using ipsec vpn, you can also edit the default WAN_to_Device rule and allow authorized IP in "Source".Default WAN_to_ZyWALL ruleFrom: WANTo: ZyWALLSource: authorized IPService: Default_Allow_WAN_To_ZyWALLAction: allow0
-
Well, that is the thing, I have no VPN configured, nothing whatsoever.
0
Guru Member
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 155 Nebula Ideas
- 105 Nebula Status and Incidents
- 5.9K Security
- 317 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 256 Service & License
- 398 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight
