I use FG600D (Fortios V5.4.5) with 30 VPN (IKE) but since few weeks i have trouble with some public ip like 126.96.36.199. Each night i have a lot of attempts to establish VPN IKE. This public ip is not public ip of my company.
For example :
Message meets Alert condition
date=2018-06-03 time=04:47:33 devname=FW-BLC-1 devid=FGT6HDXXXXXXX logid=0101037128 type=event subtype=vpn level=error vd=root logdesc="Progress IPsec phase 1" msg="progress IPsec phase 1" action=negotiate remip=[style="background-color: #ffff00;"]188.8.131.52[/style] locip=xxx.xxx.xxx.xxx remport=24916 locport=500 outintf="IP-Pub-Complete" cookies="3e35c70729dfedef/0000000000000000" user="N/A" group="N/A" xauthuser="N/A" xauthgroup="N/A" assignip=N/A vpntunnel="N/A" status=failure init=remote mode=main dir=inbound stage=1 role=responder result=ERROR
I try to use local in policy but i don't understand how. In my all Fortigate i saw local in policy in GUI but in CLI i have nothing.
Please could you tell me if it's the good way to block unwanted public ip ? and if it's the good way could you explained me how can i do ?
In Example i found, all people explain to choose wan interface for source but i don't know which destination interface i must select.