"
Option 3 seems to be working. Next step: setting EPNsense as IDS/IPS/Firewall (option 2).
Please advice!
Please advice!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
General Discussion / Re: [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
April 11, 2021, 04:24:04 PM #2
General Discussion / Re: [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
April 09, 2021, 08:28:26 PM
I enabled a LAN in Promiscuous mode and activated IDS (option 3). Can anyone tell me a simple way to test the IDS?
#3
General Discussion / Re: Looking to install OPNsense and Ad blocking.
April 08, 2021, 06:08:04 PM
Just a suggestion by a noob Home user to another home user: Maybe use Home Assistant (WireGuard integration) to get it setup and experiment? I do not have experience with WireGuard setups, but some things can be easily be setup using HA.
Just a suggestion as a noob user, maybe this doesn't make sense at all... ???
Just a suggestion as a noob user, maybe this doesn't make sense at all... ???
#4
General Discussion / [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
April 08, 2021, 05:48:38 PM
Hi2youAll!
This week I purchased an OPNsense DEC690EU and I'm kind of new, as an enthousiastic home user, to this kind of devices, so please be patient with me.... ;)
Curently I have an existing double-NAT setup and I want to use the OPNsense box to monitor my traffic using IDS (maybe later on IPS) because I don't trust my current Ubiquiti hardware due to their breach.
My current setup:
Ubiquiti LAN --> Ubiquiti Gateway (WAN) --> ISP Router LAN --> ISP Router WAN (internet).
My goal:
Ubiquiti LAN --> Ubiquiti Gateway (WAN) --> OPNsense LAN --> OPNsense WAN --> ISP Router LAN --> ISP Router WAN (internet).
So, in short I want to setup the OPNsense DEC690EU to monitor and use the IDS funtion to monitor what is actually happening (detect/monitor communication).
My noob Questions:
1 - Can I use the OPNsense box to achief this?
2 - If yes, what is the best way to do this? (bridging ethernet ports, LAN to WAN setup? Setup steps to be taken?)
3 - Another option, mirror Ubiquiti gateway WAN and configure OPNsens in Promiscuous mode, somehow, for monitoring?
20210411: Option 3 seems to be working! (Services --> Intrusion Detection --> Adminstration --> Alerts, with et_telemetry.token activated and some User defined rules added. Mirrored a port on my Ubiquiti switch connected to the Ubiquiti gateway WAN and configured EPNsens LAN 3 as Promiscuous mode.)
Can anyone give me advise and get me in the right direction to get started? It would be highly appreciated!
Thanks in advance!
This week I purchased an OPNsense DEC690EU and I'm kind of new, as an enthousiastic home user, to this kind of devices, so please be patient with me.... ;)
Curently I have an existing double-NAT setup and I want to use the OPNsense box to monitor my traffic using IDS (maybe later on IPS) because I don't trust my current Ubiquiti hardware due to their breach.
My current setup:
Ubiquiti LAN --> Ubiquiti Gateway (WAN) --> ISP Router LAN --> ISP Router WAN (internet).
My goal:
Ubiquiti LAN --> Ubiquiti Gateway (WAN) --> OPNsense LAN --> OPNsense WAN --> ISP Router LAN --> ISP Router WAN (internet).
So, in short I want to setup the OPNsense DEC690EU to monitor and use the IDS funtion to monitor what is actually happening (detect/monitor communication).
My noob Questions:
1 - Can I use the OPNsense box to achief this?
2 - If yes, what is the best way to do this? (bridging ethernet ports, LAN to WAN setup? Setup steps to be taken?)
3 - Another option, mirror Ubiquiti gateway WAN and configure OPNsens in Promiscuous mode, somehow, for monitoring?
20210411: Option 3 seems to be working! (Services --> Intrusion Detection --> Adminstration --> Alerts, with et_telemetry.token activated and some User defined rules added. Mirrored a port on my Ubiquiti switch connected to the Ubiquiti gateway WAN and configured EPNsens LAN 3 as Promiscuous mode.)
Can anyone give me advise and get me in the right direction to get started? It would be highly appreciated!
Thanks in advance!
Pages1
