Problematic with IPS/IDS on LAN Bridge

Started by echelon, January 18, 2021, 11:35:04 PM

Hello,

OPNsense newbie here. My setup gets WAN connectivity through PPPoE on eth5, and eth0-eth4 are bridged in one bridge called LAN. The problem is that when I use IPS/IDS/Suricata on this LAN bridge, the connectivity becomes unstable: ping mostly goes RTO and the LAN bridge goes up and down when traffic comes through.

I have tried turning on Promiscuous mode but the link is still not stable, while when IDS/IPS/Suricata is defined to run only on the WAN interface the link becomes stable.

I have already defined my Home networks as 10.10.8.0/21, as this is the network that I use.

I am on OPNsense 21.1.r1-amd64.

Is this a bug? Should I log it on GitHub?

Cheers,

When you say the link becomes unstable, can you give more information? Does all traffic stop, are you getting timeouts from your browser, any error message in Suricata? Also, have you tried to see what is being blocked in the log or alerts?

What configurations have you made so far, i.e. turning off offloading, etc.?

Have you tried suricata with IPS mode disabled (off)?