question

szamgep avatar image
0 Likes"
szamgep asked

How can causes extremely high udp_flood anomaly the legal VPN connections?

I set up Dos Policy, only monitoring, on the incoming WAN port, with default values. The udp_flood threshold is 2000. What is the unit of the threshold value?

I'm experiencing a constant udp_flood anomaly with my own legal VPN connections (colleagues connecting to the internal network via VPN). The following logs are visible in the analyzer. What could be causing these anomalies in IKE traffic. What does the count value mean? Very high variance (2 and 22332).

chrome-zozz5fod3c.png


FortiGateVPNDoS policy
chrome-zozz5fod3c.png (187.0 KiB)
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

0 Answers

·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Welcome to FortiAnswers

FortiAnswers is the space dedicated to FortiSASE and FortiOS questions and suggestions.

  • Please review the Community guidelines
  • If you are a moderator, please refer to the Moderation guidelines
  • If something in the above guidelines is unclear, please post your question to the Community Feedback space or the Moderators' space

Related Questions

add another subnet in ipse vpn