I agree that we all are not around these forums here to get bashed because of asking. Let's just keep to the polite and informative style that this place is special for.
Besides, I don't even have an FCNSP certification and still just don't know so many things though I've got 10 years' experience with Fortinet now. I'm glad I have a place where I can ask fellow colleagues for advice.
@dirkdigs
I _did_ know that the IDs were exchanged in clear text when using AgMode but the blog you referred to was interesting and showing me something new. Namely, that one can brute-force an IPsec VPN, more easily with AgMode, and how.
So, having the log flooded with unsuccessful attempts to establish a tunnel should ring the alarm bells. The new improved IPS rate filters of FOS 5.2 come to my mind.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
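
The log-flooding signal mentioned in the post above can be checked with a sliding-window count of failed IKE negotiations per remote peer. This is an added example, not part of the original post or any Fortinet tooling; the key=value log lines and the field names (`remip`, `status`, `negotiate_error`) are constructed assumptions to adapt to the device's real log format, and the threshold and window are arbitrary.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real device output); field names are assumptions.
SAMPLE_LOG = [
    # One peer failing phase 1 every two seconds.
    *(f"date=2014-10-01 time=12:00:{s:02d} remip=203.0.113.7 "
      f'mode=aggressive status=negotiate_error msg="IKE phase1 failed"'
      for s in (1, 3, 5, 7, 9, 11)),
    # A legitimate peer with two mistyped PSKs ten minutes apart, then success.
    "date=2014-10-01 time=12:01:00 remip=198.51.100.20 mode=aggressive status=negotiate_error",
    "date=2014-10-01 time=12:11:00 remip=198.51.100.20 mode=aggressive status=negotiate_error",
    "date=2014-10-01 time=12:11:30 remip=198.51.100.20 mode=aggressive status=success",
    "truncated line without the expected fields",
]

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Return (timestamp, remote_ip, status), or None if fields are missing."""
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    if not {"date", "time", "remip", "status"} <= fields.keys():
        return None
    ts = datetime.strptime(f"{fields['date']} {fields['time']}",
                           "%Y-%m-%d %H:%M:%S")
    return ts, fields["remip"], fields["status"]

def find_floods(lines, threshold=5, window=timedelta(seconds=60)):
    """Map each remote IP to the time it first hit `threshold` failures
    inside one sliding `window`. Lines are assumed to be in time order."""
    recent = defaultdict(deque)   # remote IP -> timestamps of recent failures
    alerts = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None or parsed[2] != "negotiate_error":
            continue
        ts, ip, _ = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = ts
    return alerts

if __name__ == "__main__":
    for ip, when in find_floods(SAMPLE_LOG).items():
        print(f"{when} possible IKE brute force from {ip}")
```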