Hello Everyone,
I have finally made the move from pfSense to Opnsense but I am getting stuck on a few things. I am not used to the Opnsense interface and getting a little frustrated finding what I am looking for. The first thing is the firewall alerts if I want to see what is blocked and if I need to whitelist things I cannot find the logs or section for this.
I am also running a web server, and my WordPress sites are timing out, they also use a Redis cache server to speed up load times but my WordPress sites are loading slow. So, I assume something is being blocked as on my pfsense they were blazing fast and now I can't even login to the admin area.
If I can find the alert logs I can start diagnosing what's being blocked and start whitelisting things and getting things back to normal. Regarding IPS logs do I need to enable something for the alerts to work as I have never used Suricata before. I used to use snort, default firewall rules and pfBlocker-NG. I knew where to configure rules and whitelists but on Opnsense I cannot seem to find what I am looking for so any help would be much appreciated.
Thanks
Rockyuk
Dunno, I would strongly suggest to get any IDS/IPS out of the way until you get the basics working properly.
Firewall blocks:
Firewall -> Log Files -> Live View
is probably what you are looking for.
Keep Suricata for the time everything is up and running. Take some time to choose rule sets for download/activation based on threat model.