Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Problematic with IPS/IDS on LAN Bridge
« previous
next »
Print
Pages: [
1
]
Author
Topic: Problematic with IPS/IDS on LAN Bridge (Read 1615 times)
echelon
Newbie
Posts: 1
Karma: 0
Problematic with IPS/IDS on LAN Bridge
«
on:
January 18, 2021, 11:35:04 pm »
Hello,
OpnSense newbie in here, my setup is getting WAN connectivity through PPPOE on eth5, and eth0-eth4 is bridged in one bridge called LAN, the problem is when I am using IPS/IDS/Suricata in this LAN bridge, the connectivity becoming not stable, ping goes RTO mostly and LAN bridge goes up and down when traffic coming through.
I have tried to turning on Promiscuous mode but still the link is not stable, while defining the IDS/IPS/Suricata running only on WAN interface then the link becoming stable.
I have already defined my Home networks as 10.10.8.0/21 as this network is the one that I am use.
I am on OPNsense 21.1.r1-amd64.
Are these are bugs?, should I logged it on github?.
Cheers,
Logged
errored out
Full Member
Posts: 171
Karma: 3
Re: Problematic with IPS/IDS on LAN Bridge
«
Reply #1 on:
February 02, 2021, 12:00:37 pm »
When you stay the link becomes unstable, can you give more information. Does all traffic stop, are you getting timeouts from your browser, any error message in suricata? Also have you tried to see what is being blocked in the log or alerts?
What configurations have you made so far, i.e. turning off offloading, etc.
Have you tried suricata with IPS mode disabled (off)?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Problematic with IPS/IDS on LAN Bridge