Recently, we have observed a brute-force cyber attack that originates from several IP addresses of cloud services and indiscriminately attempts to penetrate the network via IPsec VPN against a wide range of global IP addresses of the victim.
The frequency of notification of disconnected tunnel identification numbers via IPsec Informational Exchange packets is now limited, reducing the occurrence of nonsensical packet ping-pong between attackers targeting IPsec VPN devices with a wide range of global IP addresses.
In addition, if you have been receiving indiscriminate attack attempt packets targeting IPsec VPN devices, which have been occurring frequently on the Internet since around August 2021, and have been experiencing reduced communication speed or failed VPN connections for legitimate users, we recommend that you apply the update.
If you are using the system with L2TP/IPsec, EtherIP/IPsec or L2TPv3/IPsec features enabled, we recommend that you apply the update.
This RTM build includes all changes from the previously released Beta versions, Build 9754 and Build 9758.
Improve the stability of IPsec function with reducing consuming CPU time / network bandwidth / memory consumption even if your server receive a large number of IPsec packets from indiscriminate attack attempts (brute force attacks, reflection attacks, etc.) targeting generic IPsec VPN devices, which have been occurring frequently on the Internet recently.
The revision history of each SoftEther VPN build is here.1