Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Making an inline Suricata box using OPNsense
« previous
next »
Print
Pages: [
1
]
Author
Topic: Making an inline Suricata box using OPNsense (Read 3005 times)
smoore
Newbie
Posts: 8
Karma: 2
Making an inline Suricata box using OPNsense
«
on:
February 16, 2019, 09:27:28 pm »
I'm looking to make an inline Suricata box to intercept certain applications. I need DPI to detect certain applications (i.e. unauthorized VPN traffic) and block it. The box needs to be inline and receive its LAN IP address from the DCHP server.
I have been looking at OPNsense (as opposed to Security Onion) to do this project quickly but got lost in the configurations. Is there a knowledgebase article to setup OPNsense in bridge mode to transparently pass through traffic with Suricata IPS active?
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Making an inline Suricata box using OPNsense
«
Reply #1 on:
February 19, 2019, 11:39:36 am »
Hi,
Technically
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
will get you started and enabling IPS is done normally on top. But you can get away with listening on either LAN or WAN exclusively as the traffic will be the same.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Making an inline Suricata box using OPNsense