Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[SOLVED] Suricata and port 443
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Suricata and port 443 (Read 4349 times)
miroco
Full Member
Posts: 109
Karma: 9
[SOLVED] Suricata and port 443
«
on:
September 16, 2017, 03:51:24 pm »
Suricata and port 443
As soon as I enable IPS mode under Intrusion Detection, the No-IP DynamicDNS update fails. This also makes my OpenVPN Server to fail. It’s a road warrior style configuration using port 443.
I sat out to try the abuse.ch ruleset and IPS. The ruleset does not seem to play a part in this, but IPS definitely does. The mandatory 3x hardware offloading is disabled.
Sep 14 20:38:348 opnsense:/usr/local/etc/rc.dyndns: curl error occurred: Failed to connect to dynupdate.no-ip.com port 443: Operation timed out
If I uncheck IPS mode, the problem goes away and I can connect to my OpenVPN server.
Sep 14 20:47:36 opnsense:/usr/local/etc/rc.bootup: DynamicDNS (xxxxxxxxxxxx.ddns.net): (Success) DNS hostname update successful.
I’m on OPNsense ver. 17.7.2
Perhaps a related issue.
https://forum.opnsense.org/index.php?topic=4727.0
Miroco
«
Last Edit: September 22, 2017, 12:51:12 pm by miroco
»
Logged
miroco
Full Member
Posts: 109
Karma: 9
Re: [SOLVED] Suricata and port 443
«
Reply #1 on:
September 22, 2017, 12:49:05 pm »
The root to the problem was that the 3 x hardware offload was already disabled by default. That gave the impression of a false dubble negative that confused me.
Both the DDNS service updating and OpenVPN are now working.
Miroco
«
Last Edit: September 22, 2017, 12:51:32 pm by miroco
»
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: [SOLVED] Suricata and port 443
«
Reply #2 on:
September 22, 2017, 07:32:28 pm »
Hi Miroco,
Thanks for the follow up.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[SOLVED] Suricata and port 443
