Question
VPN Events - someone trying to get in?
Our fortigate 60e firewall has a few logs from our VPN over the weekend which are
[ul]and after looking at the remote IP it shows they are based in China, which isnt any of our users. I just wondered is this common and what can be done to prevent it?
We use to connect to the VPN via an IP address but we recently setup a domain (vpn.domain.com) so it matches our ssl cert and so we dont get the SSL certificate warning. I wonder if somehow these hackers are finding domains with vpn.domain.com and trying to connect?
The strange thing is there was no failed or successful login attempt just SSL exit error? We have 2 factor auth setup so theres no way anyone could get on either so pretty sure its ok but wanted to check with the fortigate pros?