# mpd5 - ban IP with failed authentication



## Selin (Oct 1, 2021)

Hi

I want to protect my PPTP/L2TP VPN server by banning clients after 3 failed authentications.
Tried to use fail2ban (+IPFW) but was unable to find any IP in MPD5/Racoon logs (even with debug log level).
Is there any solution how to ban IP of a client that failed PPTP/L2TP authentications several times?

Thanks


----------



## Geezer (Oct 2, 2021)

Write a program that polls the log files and adds rules to your firewall.


----------



## Selin (Oct 2, 2021)

No need for a new program. Fail2ban does this perfectly.
The problem - how to force MPD5 to log IP addresses...
Or, maybe, MPD5 has already some built-in option to ban failed IPs... But I'm just unable to find such an option.


----------



## VladiBG (Oct 2, 2021)

What you have in your racoon.log can you share it. By default it logs to the syslogd.


----------

