Community Talk

 View Only
last person joined: yesterday 

Learn how to best utilize the Elevate community and hear first about community updates.
  • 1.  Screen OS

    Posted 12-11-2024 08:43

    Hi all,

    I am currently working with a Juniper SSG-35M in my environment, where I have configured an IPSec tunnel to a third-party vendor. However, I keep receiving the following error message:

    "Attack alarm: IKE first message DoS attack on interface Root from source IP"

    I suspect that this is due to DoS protection triggering false positives on the IPSec tunnel. I want to allow unlimited incoming requests from the specific IPs involved in the tunnel, while preventing any other DoS attacks from other IPs.

    Is there a way to achieve this on Juniper ScreenOS (SSG-35M)? Specifically, can I configure the firewall to whitelist the specific IP addresses for the IPSec tunnel while still keeping DoS protection active for other traffic?

    Any guidance or suggestions would be greatly appreciated!