OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: athurdent on February 04, 2020, 09:14:12 am

Title: Enabling Suricata IPS mode breaks OpenVPN IPv6
Post by: athurdent on February 04, 2020, 09:14:12 am
My installation runs on a Proxmox KVM with VTXNET interfaces.

OpenVPN IPv6 connections work fine with Suricata disabled and also when it's enabled without IPS mode.
Enabling IPS mode results in:

Code:
09:04:04.141495 IP6 (flowlabel 0x093d8, hlim 54, next-header TCP (6) payload length: 44) 2a02:***.57451 > 2a04:***.443: Flags [S], cksum 0xec4a (correct), seq 984059939, win 65535, options [mss 1380,nop,wscale 6,nop,nop,TS val 1291158504 ecr 0,sackOK,eol], length 0
09:04:05.146364 IP6 (flowlabel 0x093d8, hlim 54, next-header TCP (6) payload length: 44) 2a02:***.57451 > 2a04:***.443: Flags [S], cksum 0xe862 (correct), seq 984059939, win 65535, options [mss 1380,nop,wscale 6,nop,nop,TS val 1291159504 ecr 0,sackOK,eol], length 0
09:04:06.152410 IP6 (flowlabel 0x093d8, hlim 54, next-header TCP (6) payload length: 44) 2a02:***.57451 > 2a04:***.443: Flags [S], cksum 0xe479 (correct), seq 984059939, win 65535, options [mss 1380,nop,wscale 6,nop,nop,TS val 1291160505 ecr 0,sackOK,eol], length 0

My incoming firewall rules for port 443 IPv6 log the connection as successful; IPS does not log any alert when trying to connect.