24.1 Production Series / Re: suricata and pppoe vlan11 tagged fiber / WAN dont work
« on: June 03, 2024, 08:44:56 am »
Anyone successfully using Suricata on a PPPoE WAN?
Best Regards
Intrusion detection systems need to track the flows. If you do address translation then sources or targets of flows are rewritten. The original flow is terminated and replaced. Intrusion detection systems typically only see one leg of the entire communication. Either the original flow leg or the replaced, new flow leg. But in either case they keep on missing half of what's going on.
Feel free to read the documentation for details. It's all there right in the "Choosing an interface" chapter: https://docs.opnsense.org/manual/ips.html#choosing-an-interface
PS: There is a reason why many admins hate NAT. You have to jump through a lot of hoops and deal with heaps of BS just to keep using the old IPv4 address.
Also NAT and intrusion detection systems are no friends.
I don't believe you can use Suricata on PPPoE - it is not compatible.
Is there a way to decide which internal IPs can use the VPN?
I have about 20 devices connected to my LAN, and I'd like just a couple of those devices to use the VPN. Is it feasible?
TIA.
Hi,
Did you try System - Firmware - Status - Resolve Plugin Conflicts - Reset all local conflicts?