OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: kapara on November 25, 2018, 12:04:50 am
-
I read that you don't want to add VLANs to Suricata, but when I added the physical interface (LAN) and not the VLAN (which is on the LAN physical interface) as a monitored interface, none of my phones would work or get DHCP. Then when I removed the physical interface (LAN), the phones started to work again.
Is this by design?
-
I am not aware of your architecture and wishes, but how big is your installation? I personally (@home!!!!) just inspect traffic on WAN, as I don't want traffic to get inspected if I am in a "secure" zone.
If you have VLANs, have you entered the networks in Suricata?
-
For me the following worked:
- Interfaces: Settings: disable Hardware CRC, Hardware TSO, Hardware LRO and VLAN Hardware Filtering
- Services: Intrusion Detection: Administration: enable Promiscuous mode and select the physical LAN interface (my WAN is PPPoE for IPv4 and IPv6)
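
A shell check that the offload settings listed in the post above actually took effect on the monitored interface. This is an added example, not part of the thread. It assumes FreeBSD-style `ifconfig` output, the mapping from the GUI settings to capability names is an assumption, and the interface name `igb1` and both sample outputs are constructed.

```shell
#!/bin/sh
# Capability names printed by FreeBSD ifconfig in the options=<...> list.
# Assumed mapping: Hardware CRC -> RXCSUM/TXCSUM(+_IPV6), Hardware TSO -> TSO4/TSO6,
# Hardware LRO -> LRO, VLAN Hardware Filtering -> VLAN_HWFILTER.
OFFLOAD_FLAGS="RXCSUM TXCSUM RXCSUM_IPV6 TXCSUM_IPV6 TSO4 TSO6 LRO VLAN_HWFILTER"

# remaining_offloads: reads `ifconfig <if>` output on stdin and prints the
# offload flags that are still enabled, space separated (empty = all off).
remaining_offloads() {
    # Take the interface "options=" line only; "nd6 options=" does not match.
    opts=$(sed -n 's/^[[:space:]]*options=[0-9a-fA-F]*<\(.*\)>.*$/\1/p' | head -n 1)
    found=""
    for flag in $OFFLOAD_FLAGS; do
        # Comma-delimited match so RXCSUM does not match RXCSUM_IPV6.
        case ",$opts," in
            *",$flag,"*) found="${found:+$found }$flag" ;;
        esac
    done
    printf '%s\n' "$found"
}

# Constructed sample: interface before the settings are changed.
SAMPLE_BEFORE='igb1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
    ether 00:00:5e:00:53:01
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>'

# Constructed sample: same interface after disabling the four settings.
SAMPLE_AFTER='igb1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=80002a<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,WOL_MAGIC>
    ether 00:00:5e:00:53:01'

before=$(printf '%s\n' "$SAMPLE_BEFORE" | remaining_offloads)
after=$(printf '%s\n' "$SAMPLE_AFTER" | remaining_offloads)
echo "before: ${before:-none}"
echo "after:  ${after:-none}"
```

On a live system, pipe the real output in instead of the samples, for example `ifconfig igb1 | remaining_offloads` with the name of your physical LAN interface.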