No announcement yet.
  • Filter
  • Time
  • Show
Clear All
new posts

  • Malware on VPN Concentrator?

    I got 2 Shoretel VPN concentrators I bought off ebay for around $150 each.

    Got the unit, cleared to factory defaults and programmed everything up. Both concentrators work fine...

    The next day, I'll come into the office and my internet connection will be very slow with the upload side having almost all the bandwidth being used. My shortel phones on the other VPN concentrators will barely work due to the slow upload speeds.

    I disconnect the VPN concentrator, problem solved!

    I spoke to my shoretel partner, but they can't support me since I bought an item off ebay. However they mentioned I could have malware on the unit?

    Any ideas?

  • #2
    There is not too much to the Shoretel vpn concentrator's but I do recall different firmware versions having memory leaks. All appliances have exploits... but rarely if ever are these exploits exercised. Id see if you can get the latest firmware and make sure you have your public lan and private lan ports restricted to the access that is needed. All though it should be a mild difference i'd make sure you enable your stunnel range to be in your ip phone address map as a teleworker.

    Lance Paddock
    BTX | Business Telephone eXchange
    1(800) 289-0299


    • #3
      I don't run a Shoretel system anymore but I have seen this when I did have a concentrator in place. Office would slow down and rebooting the concentrator would fix it. One time it happened I ssh'd into it and I was checking the logs and something was going crazy trying to hit it from a weird IP. I don't recall what I did to fix it anymore sorry. I might have had ssh open on the public side of the concentrator?