F1000-S

目前问题：设备F1000-S

1.日志内一直出现不明shh或者telnet记录

2.还有不同目的地的IKE丢弃包

3.每天IPSecVPN 都会掉线一次，重启防火墙之后就恢复了

%Jun 19 14:12:25:525 2021 leefullmetal IKE/3/DROP: IKE packet dropped: (src addr: 202.104.21.66, dst addr: 98.30.107.181) with I_COOKIE 2100000000000000 and R_COOKIE 0000000000000000, because of ' Bad message length ' from payload ISAKMP HEADER. 

 %Jun 19 14:12:25:600 2021 leefullmetal IKE/3/DROP: IKE packet dropped: (src addr: 202.104.21.66, dst addr: 98.30.107.181) with I_COOKIE 2100000000000000 and R_COOKIE 0000000000000000, because of ' Bad message length ' from payload ISAKMP HEADER. 

 %Jun 19 14:12:32:442 2021 leefullmetal IKE/3/DROP: IKE packet dropped: (src addr: 202.104.21.66, dst addr: 71.8.56.239) with I_COOKIE 2100000000000000 and R_COOKIE 0000000000000000, because of ' Bad message length ' from payload ISAKMP HEADER. %Jun 19 14:12:40:138 2021 leefullmetal VTY/4/VTY_LOG: TELNET user admin failed to login from 116.241.184.75 on VTY0. 

%Jun 19 14:12:42:935 2021 leefullmetal IKE/3/DROP: IKE packet dropped: (src addr: 202.104.21.66, dst addr: 98.30.107.181) with I_COOKIE 2100000000000000 and R_COOKIE 0000000000000000, because of ' Bad message length ' from payload ISAKMP HEADER. 

已检查IKE参数之类没发现异常，是否有办法禁用VTY 0 4 虚拟端口或者 在VTY 0 4 下如何禁用telnet和ssh  ,但是此设备的命令里由必须要选择使用一样

伤脑...   高手帮忙看下，谢谢！

#user-interface vty 0 4 

 authentication-mode scheme 

 user privilege level 3 

 protocol inbound telnet

# protocol inbound ? 

 all All protocol 

 ssh SSH protocol 

 telnet Telnet protocol