Fortinet support unfortunately said that there is nothing that can be
done about these at this time. The packets are actually coming in on UDP
4500 and local-in-policies cannot block those. The alerts say UDP 500,
but that isn't how they originate. S...
Strangely enough, I haven't had any attacks since creating the ISAKMP
service, but I think that is just dumb luck. I don't have a ticket open
with support yet, but will do so if you think it will help your ticket
out. Just send me your ticket number ...
I'm seeing the same thing recently where my local-in-policies aren't
stopping attempts from 144.217.0.0/16 across 20 or so of my FortiGate
devices that have ipsec VPN setup. They have specifically been coming
from 144.217.181.56. Thanks for finding t...
