OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: arrowheadbluetail on January 12, 2019, 03:58:24 am

Title: Enabling IPS kills internet connection - fresh install and simple network
Post by: arrowheadbluetail on January 12, 2019, 03:58:24 am
Hi all. I’m new to OPNsense and have just set up a fresh install (OPNsense 18.7). Everything is default aside from having installed the uPNP package. My network set up is as follows...

WAN->OPNsense (192.168.1.1)->Switch->WAP

With IPS disabled, everything works as it should. As soon as I enable it, with LAN and WAN selected, my devices are unable to connect to the Internet. The only rules I have installed and enabled are the OPNsense test rules. Can anyone point me in the direction of solving this issue? I’ll happily provide any logs that might be needed. Thank you!
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: phoenix on January 12, 2019, 12:03:46 pm
It works fine for me (and plenty of others). :)

I'll start with some of the usual questions. Is this a VM or real hardware? If it's a VM, which hypervisor? Which NIC driver are you using (if a (VM)? If it's not an E100 driver, it should be. Have you disabled all the 'offload' functions as mentioned in the documentation? What are the specs of your hardware for OPNsense? Have you looked at any of the other forum posts that cover this topic (a search will find them for you)?
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: arrowheadbluetail on January 12, 2019, 02:18:33 pm
Hi Bill. Thank you for the reply.


One more thing to mention, I only lose internet access after adding the LAN to the selected interfaces that will be monitored.
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: chemlud on January 12, 2019, 04:12:37 pm
Did you update the fresh install?
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: arrowheadbluetail on January 12, 2019, 05:10:29 pm
Quote from: chemlud on January 12, 2019, 04:12:37 pm
Did you update the fresh install?

Yes, OPNsense and all available package/plugin updates were installed.
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: chemlud on January 12, 2019, 05:34:32 pm
There might be some oddities with the latest suricata, see my thread

https://forum.opnsense.org/index.php?topic=10958.0

Maybe try to downgrade suricata as Franco suggests on page 2 in the link above and see if it helps...
Title: Re: Enabling IPS kills internet connection - fresh install and simple network
Post by: arrowheadbluetail on January 13, 2019, 01:37:28 am
Quote from: chemlud on January 12, 2019, 05:34:32 pm
There might be some oddities with the latest suricata, see my thread

https://forum.opnsense.org/index.php?topic=10958.0

Maybe try to downgrade suricata as Franco suggests on page 2 in the link above and see if it helps...

Performing a downgrade seems to have solved my issue! I’m going to keep any eye on it and update the post if anything changes. Thank you very much for the suggestion!