OPNsense Forum

English Forums => General Discussion => Topic started by: morcom on July 20, 2016, 11:51:29 am

Title: Intrusion Detection issue - IPS activated - no access from LAN to network
Post by: morcom on July 20, 2016, 11:51:29 am
Hi again...

So I have one issue with Intrusion Detection on my home-use firewall.

I'm using this board together with OPNsense: http://www.hcipctech.com/Home/ProductCon?productid=317&english=2

It is nothing powerful - but actually it is fine for a small home firewall - and as I have some systems which should be protected - I need an ID service as well. Before, I tested ClearOS (works fine - was blocking most unwanted attacks on the VoIP server), then SOPHOS UTM 9 (was working fine, but it looked like it was blocking much less than ClearOS - so on my FusionPBX I saw plenty of attacks).

As I was not really happy with the way Sophos UTM was working - I decided to move to open source... and now - ID is set up - but whenever I activate IPS - all traffic is blocked totally.
I have IPS active on another OPNsense in a datacenter (installed on top of a PROXMOX VM) - and I have no issues with traffic from LAN.
At home - IPS activated - no traffic from LAN. No IPS - all works.

Settings on both instances are more or less the same....

Any ideas why? Is it related to hardware?

Thanks for any tips where to look.

Mike
Title: Re: Intrusion Detection issue - IPS activated - no access from LAN to network
Post by: franco on July 22, 2016, 06:21:13 pm
Hi Mike,

Hardware looks good, no Realtek NICs, very good indeed. :D

You should disable all hardware acceleration features under Interfaces: Settings and try again after a reboot to be safe. Also make sure that you are on the latest version 16.1.20.


Cheers,
Franco
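
Added example, not part of the thread and not OPNsense project code: one way to confirm from a shell, after the reboot, that no interface still advertises hardware offloads. It assumes the acceleration features mentioned above correspond to the checksum, TSO, LRO and VLAN-filter capabilities that FreeBSD's `ifconfig` prints on its `options=` line; the function name `offloads_enabled` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Report interfaces whose `ifconfig` options line still lists offload capabilities.

# Constructed sample of `ifconfig` output (interface names and values are made up).
SAMPLE_IFCONFIG='igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:00:5e:00:53:01
igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2a<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU>
        ether 00:00:5e:00:53:02'

# Reads ifconfig output on stdin; prints "<ifname>: <cap,cap,...>" for every
# interface that still has at least one offload capability enabled.
offloads_enabled() {
    awk '
        # Interface header line, e.g. "igb0: flags=...": remember the name.
        /^[a-z0-9_.]+: flags=/ { ifname = $1; sub(/:$/, "", ifname); next }
        # Capability line: take the list between < and > and filter it.
        /^[ \t]+options=/ {
            line = $0
            sub(/^[^<]*</, "", line)
            sub(/>.*$/, "", line)
            n = split(line, caps, ",")
            found = ""
            for (i = 1; i <= n; i++) {
                if (caps[i] ~ /^(RXCSUM|TXCSUM|RXCSUM_IPV6|TXCSUM_IPV6|TSO4|TSO6|LRO|VLAN_HWFILTER|VLAN_HWTSO)$/) {
                    sep = (found == "") ? "" : ","
                    found = found sep caps[i]
                }
            }
            if (found != "") print ifname ": " found
        }
    '
}

# Run against the constructed sample; on the firewall use: ifconfig | offloads_enabled
printf '%s\n' "$SAMPLE_IFCONFIG" | offloads_enabled
```

An empty result means none of the listed capabilities are active on any interface.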