Feature Request: ASN Table like URL Tabel (IPs)

Started by MrLee, October 30, 2024, 01:52:19 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 30, 2024, 01:52:19 PM
I use my OPNSense router on the edge of a corporate network that hosts VPN.  as everyone knows there are large vpn brute force campaigns going on around the world.

when I find an ASN that is guilty of many attempts at a brute force attempt towards our systems, I block the ASN in a BGP ASN alias.  this is becoming very large as you could imagine and I need to manually update multiple routers.

it would be great if there was a way to have an ASN tables list on a server the way the URL Tables (IP) works so i could list all the ASNs that I need in the alias.
this would eliminate me having to touch every device any time I find an ASN that is offending.
October 30, 2024, 02:31:27 PM #1
The OPNsense business edition has a quite potent alias synchronization with OPNcentral.

https://docs.opnsense.org/vendor/deciso/opncentral.html#aliases-firewall

You can have a central host where you configure all of your aliases, and push them to all other firewalls with a single sync.
Hardware:
DEC740
Print
Go Up Pages1
User actions