troubleshooting Question

Juniper SSG320M Teardrop Attack

Avatar of PMICORP
PMICORPFlag for United States of America asked on
VPNHardware FirewallsInternet Protocol Security
5 Comments2 Solutions1760 ViewsLast Modified:
We currently have a Juniper SSG320M at our colo and a SSG140 at our home office, we are running over an IPSEC VPN from our home office to our colo. I am getting Teardrop attack alerts every hour or so at our colo, the interesting thing is its reporting the attack coming from our home office IP. I already have Teardrop protection turned on at both locations for the Trust and Untrust interfaces. I am just having trouble figuring out why these attacks are occurring and where they are generated from. Any help in this matter would be great.
Thanks -Chad-

Teardrop attack! From 67.xxx.xxx.xxx to 63.xxx.xxx.xxx, proto 50 (zone Untrust, int ethernet0/2). Occurred 1 times.
ASKER CERTIFIED SOLUTION
Qlemo
"Batchelor", Developer and EE Topic Advisor
Join our community to see this answer!
Unlock 2 Answers and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros