OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: EFaden on April 09, 2021, 06:11:34 pm

Title: IDS/IPS for Home Not Working
Post by: EFaden on April 09, 2021, 06:11:34 pm
So I figured I would try to get IDS/IPS set up on my home router for fun. Currently I have NO rule sets set up, and my network configuration has a cable modem going to the WAN interface and uses NAT to have a single LAN interface with a VLAN 100 (for guests) and untagged for local traffic. A few questions came up...

I followed (https://homenetworkguy.com/how-to/configure-intrusion-detection-opnsense/)

1) Do I use LAN or WAN in my interface list? If I use the WAN and NAT, do I need to add my WAN IP to the list of IPs? If so, how can I automate that on changes?

2) It seems like whenever I enable it on any of the interfaces, that interface becomes completely unresponsive and won't pass any traffic. Thoughts?

Thanks!

Title: Re: IDS/IPS for Home Not Working
Post by: jean.paradis on April 18, 2021, 06:46:39 am
Hello, if you activate it on the WAN and your IP is dynamic, you will have to go put it forward. There is no automation for this. Please note that if you are using Sensei and Suricata at the same time, only one of the 2 can have the LAN interface.