cancel
Showing results for 
Search instead for 
Did you mean: 

VPN causes Netgear DG834 V4 DOS Warnings after firmware upgrade to 5.1.14

Gel
Aspiring Champion
Posts: 2,332
Thanks: 299
Fixes: 29
Registered: ‎02-08-2007

VPN causes Netgear DG834 V4 DOS Warnings after firmware upgrade to 5.1.14

When I log into my company VPN , of late my Netgear Router produces multiple Security e mail reports (to my + Net address) such as
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.3,4500 - [DOS]
I know I can find setting to turn e mail alerts off, but how do I tell  DG834G  router this source is safe?
Advice valued Crazy
8 REPLIES 8
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

Is the port number of 4500 fixed? If so my only idea would be that you could on the Services page create a service for this port, then on firewall rules create an inbound rule for that service where you allow the single WAN address 192.249.36.104 with log never.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Gel
Aspiring Champion
Posts: 2,332
Thanks: 299
Fixes: 29
Registered: ‎02-08-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

Thanks; 4500 seems constant and I know who the 192 suffix belongs to (VPN Controller);
however ,some Netgear reports are bigger, show other addresses trying to access too;
some are Italian/Polish addresses/may be real threats, that only appear when on VPN which is US based;
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:64.200.148.96,1948 Destination:87.115.89.58,60009 - [DOS]
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:217.168.141.2,14190 Destination:87.115.89.58,51413 - [DOS]
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:79.54.255.101,11803 Destination:87.115.89.58,9527 - [DOS]
UDP Packet - Source:192.249.36.104,4500 Destination:192.168.0.2,4500 - [DOS]
UDP Packet - Source:79.54.255.101,11803 Destination:87.115.89.58,9527 - [DOS]
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

That's why I suggested a rule that (a) only refers to port 4500 and (b) only allows IP 192.249.36.104
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Gel
Aspiring Champion
Posts: 2,332
Thanks: 299
Fixes: 29
Registered: ‎02-08-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

This was caused (and vpn speed slowing to snail's pace) by recent Netgear (DG834 V4) firmware update from 5.1.09 to 5.1 14.
Reverting to previous has removed DOS warnings as soon as I connect, and inability to send/receive any e mails over 100kb!
Googling I see other applications have grief with this firmware too eg Skype/games.
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

Thanks for the post - note to self - don't upgrade my firmware Roll_eyes
scootie
Grafter
Posts: 4,799
Thanks: 1
Registered: ‎03-11-2007

Re: VPN connection produces Netgear warnings of DOS Security Alerts

yep i upgraded to the latest firmware on the v4 and got the same mis reports that XBOX port 3074 was a dos attack which downgradein firmware again solved as i didnt fancy runing with out dos an port scan protection on currently on 5.01.09
KenA
Grafter
Posts: 92
Registered: ‎28-08-2007

Re: VPN causes Netgear DG834 V4 DOS Warnings after firmware upgrade to 5.1.14

I've got two of these routers, one with v3 hardware, the other v4.  Both on the latest firmware.  The v3 one runs realy fast, any my download speed is much higher than when I swap in the v4 hardware.
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: VPN causes Netgear DG834 V4 DOS Warnings after firmware upgrade to 5.1.14

Aren't those different chipsets?
[me=jelv]Really off the wall: does this in any way tie in with the PPP issues?[/me]
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)