Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Enable IPS prevents DHCP on VLANs
« previous
next »
Print
Pages: [
1
]
Author
Topic: Enable IPS prevents DHCP on VLANs (Read 2454 times)
grimm26
Newbie
Posts: 5
Karma: 0
Enable IPS prevents DHCP on VLANs
«
on:
August 26, 2021, 05:10:56 pm »
I'm running 21.7.1
I've been using suricata for a couple years. Originally, I had no VLANs and ran a pretty flat network. I recently redid my network and added an AP that supports VLANs. It it connected to its own interface on my router PC, my wired switch connects to another interface. I am running several VLANs on the WLAN. I realized yesterday that I never enabled suricata on the network port (igb) that the AP is on, so I did that yesterday. Everything on a Wifi VLAN broke.
Details I have since found:
Things are only broken if IPS is enabled
Things are still broken even with no rules with IPS enabled
clients are not able to get a DHCP address assigned.
As I was writing this I realize that it looks like dhcpd is trying to assign clients on the VLANs an address for the physical subnet for that port and then the client can't use that IP because it is for the wrong network.
Is there some settings I need to tweak somewhere?
«
Last Edit: August 27, 2021, 04:48:36 am by grimm26
»
Logged
abulafia
Full Member
Posts: 156
Karma: 8
Re: Enable IPS prevents DHCP on VLANs
«
Reply #1 on:
August 27, 2021, 12:51:38 pm »
Had the same issue. It can be resolved as follows:
- disable VLAN hardware filtering. REBOOT (!!).
- enable IDS, enable promiscuous mode and only apply IDS on physical interfaces.
Then it works.
Can't stress the "REBOOT" bit enough.
Logged
grimm26
Newbie
Posts: 5
Karma: 0
Re: Enable IPS prevents DHCP on VLANs
«
Reply #2 on:
August 27, 2021, 02:14:43 pm »
Yes! The disabling VLAN hardware filtering is what I was missing. I had it set to default. Thank you.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Enable IPS prevents DHCP on VLANs