Enabling IPS kills internet connection - fresh install and simple network

Started by arrowheadbluetail, January 12, 2019, 03:58:24 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 12, 2019, 03:58:24 AM Last Edit: January 12, 2019, 04:18:17 AM by arrowheadbluetail
Hi all. I'm new to OPNsense and have just set up a fresh install (OPNsense 18.7). Everything is default aside from having installed the uPNP package. My network set up is as follows...

WAN->OPNsense (192.168.1.1)->Switch->WAP

With IPS disabled, everything works as it should. As soon as I enable it, with LAN and WAN selected, my devices are unable to connect to the Internet. The only rules I have installed and enabled are the OPNsense test rules. Can anyone point me in the direction of solving this issue? I'll happily provide any logs that might be needed. Thank you!
January 12, 2019, 12:03:46 PM #1
It works fine for me (and plenty of others). :)

I'll start with some of the usual questions. Is this a VM or real hardware? If it's a VM, which hypervisor? Which NIC driver are you using (if a (VM)? If it's not an E100 driver, it should be. Have you disabled all the 'offload' functions as mentioned in the documentation? What are the specs of your hardware for OPNsense? Have you looked at any of the other forum posts that cover this topic (a search will find them for you)?
Regards


Bill
January 12, 2019, 02:18:33 PM #2 Last Edit: January 12, 2019, 02:21:56 PM by arrowheadbluetail
Hi Bill. Thank you for the reply.


One more thing to mention, I only lose internet access after adding the LAN to the selected interfaces that will be monitored.
January 12, 2019, 04:12:37 PM #3
Did you update the fresh install?
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
January 12, 2019, 05:10:29 PM #4
Quote from: chemlud on January 12, 2019, 04:12:37 PM
Did you update the fresh install?

Yes, OPNsense and all available package/plugin updates were installed.
January 12, 2019, 05:34:32 PM #5
There might be some oddities with the latest suricata, see my thread

https://forum.opnsense.org/index.php?topic=10958.0

Maybe try to downgrade suricata as Franco suggests on page 2 in the link above and see if it helps...
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
January 13, 2019, 01:37:28 AM #6
Quote from: chemlud on January 12, 2019, 05:34:32 PM
There might be some oddities with the latest suricata, see my thread

https://forum.opnsense.org/index.php?topic=10958.0

Maybe try to downgrade suricata as Franco suggests on page 2 in the link above and see if it helps...

Performing a downgrade seems to have solved my issue! I'm going to keep any eye on it and update the post if anything changes. Thank you very much for the suggestion!
Print
Go Up Pages1
User actions