System Logfile indicates multiple Login attempts

An examination of my GL-AR300M log file indicates a large number of external login attempts like the following:

autopriv.warn dropbear (18080): Login attempt for nonexistent user from 15x.x.x.x:40380.

Has anyone comes across this before and what particular solution have you used to counteract these SSH attempts? Can a program (i.e. Fail2Ban) be used on the router as a solution?

Did you open port 22 in WAN? By default it is turned off and there is no way to log on ssh from outside.

No I did not turn on port 22 in WAN. Any other recommendations? concerned about Brute Force attacks.

Please turn off WAN access from the UI as well.