OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Securytix »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Securytix

Pages: [1]
1
General Discussion / Re: [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
« on: April 11, 2021, 04:24:04 pm »
Option 3 seems to be working. Next step: setting EPNsense as IDS/IPS/Firewall (option 2).

Please advice!

2
General Discussion / Re: [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
« on: April 09, 2021, 08:28:26 pm »
I enabled a LAN in Promiscuous mode and activated IDS (option 3). Can anyone tell me a simple way to test the IDS?

3
General Discussion / Re: Looking to install OPNsense and Ad blocking.
« on: April 08, 2021, 06:08:04 pm »
Just a suggestion by a noob Home user to another home user: Maybe use Home Assistant (WireGuard integration) to get it setup and experiment? I do not have experience with WireGuard setups, but some things can be easily  be setup using HA.

Just a suggestion as a noob user, maybe this doesn't make sense at all...  ???

4
General Discussion / [DEC690EU, HowTo, Help Needed] Setup IDS for monitoring traffic on a double-NAT?
« on: April 08, 2021, 05:48:38 pm »
Hi2youAll!

This week I purchased an OPNsense DEC690EU and I'm kind of new, as an enthousiastic home user, to this kind of devices, so please be patient with me....  ;)

Curently I have an existing double-NAT setup and I want to use the OPNsense box to monitor my traffic using IDS (maybe later on IPS) because I don't trust my current Ubiquiti hardware due to their breach.

My current setup:
Ubiquiti LAN -->  Ubiquiti Gateway (WAN) --> ISP Router LAN --> ISP Router WAN (internet).

My goal:
Ubiquiti LAN -->  Ubiquiti Gateway (WAN) --> OPNsense LAN --> OPNsense WAN --> ISP Router LAN --> ISP Router WAN (internet).

So, in short I want to setup the OPNsense DEC690EU to monitor and use the IDS funtion to monitor what is actually happening (detect/monitor communication).

My noob Questions:
1 - Can I use the OPNsense box to achief this?
2 - If yes, what is the best way to do this? (bridging ethernet ports, LAN to WAN setup? Setup steps to be taken?)
3 - Another option, mirror Ubiquiti gateway WAN and configure OPNsens in Promiscuous mode, somehow, for monitoring?
20210411: Option 3 seems to be working! (Services --> Intrusion Detection --> Adminstration --> Alerts, with  et_telemetry.token activated and some User defined rules added. Mirrored a port on my Ubiquiti switch connected to the Ubiquiti gateway WAN and configured EPNsens LAN 3 as Promiscuous mode.)

Can anyone give me advise and get me in the right direction to get started? It would be highly appreciated!

Thanks in advance!

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2