Adding LAN suspends connection via WAN

Started by LiorY, May 23, 2024, 08:08:58 AM

I'm running OPNsense on PROXMOX and when I have a WAN ips I can access the GUI, after I add LAN my connection is lost.
Any ideas?

That is why there is an "IDS" setting. Enable only that, see what gets flagged in the logs and then either disable those specific rules or remove the root cause. Obviously, when you jump directly to "IPS", some anticipated problems cause a disconnection.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+

I actually removed all rules of NAT and filter before adding the new LAN, which means I shouldn't have any disruption between the networks.

You cannot remove IPS rules by fiddling with NAT and firewall settings.

If you enable Suricata IPS, it will detect, log and block anything suspicious. With only IDS enabled, it will detect and log only.

However, when you are locked out, you obviously cannot inspect the logs to see which Suricata (i.e. not NAT/firewall) policies or rules cause the block. These are on a tab under "Intrusion Detection", not in the firewall or NAT rules.
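
An added example, not part of the thread: one way to do the IDS-mode triage described above, by counting which Suricata signatures fire on traffic to or from the GUI address so those rules can be reviewed before switching to IPS. It assumes Suricata's EVE JSON alert output; the sample lines, the address 192.0.2.10, the signature IDs and the function name are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample EVE JSON lines (not from the thread). 192.0.2.10 stands in
# for the firewall GUI address; the last line is deliberately truncated.
SAMPLE_EVE = """\
{"timestamp":"2024-05-23T08:01:00+0000","event_type":"alert","src_ip":"198.51.100.7","src_port":51000,"dest_ip":"192.0.2.10","dest_port":443,"alert":{"action":"allowed","signature_id":9000001,"signature":"EXAMPLE rule A"}}
{"timestamp":"2024-05-23T08:01:01+0000","event_type":"alert","src_ip":"198.51.100.7","src_port":51001,"dest_ip":"192.0.2.10","dest_port":443,"alert":{"action":"allowed","signature_id":9000001,"signature":"EXAMPLE rule A"}}
{"timestamp":"2024-05-23T08:01:02+0000","event_type":"alert","src_ip":"192.0.2.10","src_port":443,"dest_ip":"198.51.100.7","dest_port":51001,"alert":{"action":"allowed","signature_id":9000002,"signature":"EXAMPLE rule B"}}
{"timestamp":"2024-05-23T08:01:03+0000","event_type":"flow","src_ip":"198.51.100.7","src_port":51002,"dest_ip":"192.0.2.10","dest_port":443}
{"timestamp":"2024-05-23T08:01:04+0000","event_type":"alert","src_ip":"198.51.100.9","src_port":40000,"dest_ip":"192.0.2.20","dest_port":80,"alert":{"action":"allowed","signature_id":9000003,"signature":"EXAMPLE rule C"}}
{"timestamp":"2024-05-23T08:01:05+0000","event_type":"al
"""


def rules_hitting_host(lines, host_ip, ports=(443,)):
    """Count alert signatures seen on traffic to or from host_ip on the given ports.

    Returns [((signature_id, signature, action), count), ...], most frequent first.
    In IDS mode the action is "allowed"; the same rules would block in IPS mode.
    """
    hits = Counter()
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # partially written line, e.g. while the log is being rotated
        if event.get("event_type") != "alert":
            continue  # flow, dns, tls and other records are not rule matches
        to_host = event.get("dest_ip") == host_ip and event.get("dest_port") in ports
        from_host = event.get("src_ip") == host_ip and event.get("src_port") in ports
        if not (to_host or from_host):
            continue
        alert = event.get("alert", {})
        key = (alert.get("signature_id"), alert.get("signature"), alert.get("action"))
        hits[key] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (sid, msg, action), count in rules_hitting_host(SAMPLE_EVE.splitlines(), "192.0.2.10"):
        print(f"{count:4d}  sid={sid}  action={action}  {msg}")
```
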