Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
IDS/IPS Kills Opnsense
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS/IPS Kills Opnsense (Read 2518 times)
flightdeckrob
Newbie
Posts: 1
Karma: 0
IDS/IPS Kills Opnsense
«
on:
November 19, 2019, 10:14:03 pm »
Hi all,
I'm setting up an HA setup of 2 virtualized Opnsense installs (latest updates installed) on 2 Proxmox hosts.
Everything is working great except IPS. Even IDS mode is fine. I've read through every post I could find as well as the manual and I've tried pretty much every combination of settings I can think of but no matter what I do it crashes as soon as I enable IPS mode.
-Interfaces as either e1000 or virtio.
-no rules applied, lots of rules applied.
-all hardware offloading disabled including the vlan stuff
-hyperscan and Aho-corsack
-just LAN interface, WAN and LAN (using the base adapter and not the VLAN interfaces)
I can still get to Opnsense through the Proxmox virtual console and it still behaves itself in there so I'm assuming it's just killing all of the network traffic on all interfaces.
No matter what I do nothing seems to work and I have no idea which log files to look at (or where they are) to see what kind of errors I'm getting.
Any help would be really appreciated.
Thanks,
Rob
Logged
opnsenuser
Newbie
Posts: 27
Karma: 2
Re: IDS/IPS Kills Opnsense
«
Reply #1 on:
November 21, 2019, 06:47:40 pm »
I can confirm this behavior. I'm running on a Decsio OPNsense Dual A10 QC SSD rack Gen2+.
Logged
MrJohnBBQ
Newbie
Posts: 9
Karma: 0
Re: IDS/IPS Kills Opnsense
«
Reply #2 on:
November 23, 2019, 08:24:58 am »
Same behavior here. I'm running 19.7.6 on a SuperMicro SYS-5019A-FTN4.
Apparently there were driver issues on FreeBSD 10 a couple of years back, according to these:
https://www.servethehome.com/day-0-with-intel-atom-c3000-getting-nics-working/
https://forum.netgate.com/topic/120704/atom-c3758-supermicro-a2sdi-8c-hln4f-pfsense
But from what I understand the drivers are available in FreeBSD 11 (which is the case with OPNsense 19.x) so I suspect this may not be related.
I'd be glad to help with forensics but am not a FreeBSD person and would need some pointers on how to research this.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
IDS/IPS Kills Opnsense