Show Posts
1
19.7 Legacy Series / IDS/IPS Kills Opnsense
« on: November 19, 2019, 10:14:03 pm »
Hi all,
I'm setting up an HA setup of 2 virtualized Opnsense installs (latest updates installed) on 2 Proxmox hosts.
Everything is working great except IPS. Even IDS mode is fine. I've read through every post I could find as well as the manual and I've tried pretty much every combination of settings I can think of but no matter what I do it crashes as soon as I enable IPS mode.
-Interfaces as either e1000 or virtio.
-no rules applied, lots of rules applied.
-all hardware offloading disabled including the vlan stuff
-hyperscan and Aho-corsack
-just LAN interface, WAN and LAN (using the base adapter and not the VLAN interfaces)
I can still get to Opnsense through the Proxmox virtual console and it still behaves itself in there so I'm assuming it's just killing all of the network traffic on all interfaces.
No matter what I do nothing seems to work and I have no idea which log files to look at (or where they are) to see what kind of errors I'm getting.
Any help would be really appreciated.
Thanks,
Rob
I'm setting up an HA setup of 2 virtualized Opnsense installs (latest updates installed) on 2 Proxmox hosts.
Everything is working great except IPS. Even IDS mode is fine. I've read through every post I could find as well as the manual and I've tried pretty much every combination of settings I can think of but no matter what I do it crashes as soon as I enable IPS mode.
-Interfaces as either e1000 or virtio.
-no rules applied, lots of rules applied.
-all hardware offloading disabled including the vlan stuff
-hyperscan and Aho-corsack
-just LAN interface, WAN and LAN (using the base adapter and not the VLAN interfaces)
I can still get to Opnsense through the Proxmox virtual console and it still behaves itself in there so I'm assuming it's just killing all of the network traffic on all interfaces.
No matter what I do nothing seems to work and I have no idea which log files to look at (or where they are) to see what kind of errors I'm getting.
Any help would be really appreciated.
Thanks,
Rob