Hi all,
I am currently working with a Juniper SSG-35M in my environment, where I have configured an IPSec tunnel to a third-party vendor. However, I keep receiving the following error message:
"Attack alarm: IKE first message DoS attack on interface Root from source IP"
I suspect that this is due to DoS protection triggering false positives on the IPSec tunnel. I want to allow unlimited incoming requests from the specific IPs involved in the tunnel, while preventing any other DoS attacks from other IPs.
Is there a way to achieve this on Juniper ScreenOS (SSG-35M)? Specifically, can I configure the firewall to whitelist the specific IP addresses for the IPSec tunnel while still keeping DoS protection active for other traffic?
Any guidance or suggestions would be greatly appreciated!