Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Loss network when I enable IPS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Loss network when I enable IPS (Read 1772 times)
burns1230
Newbie
Posts: 8
Karma: 0
Loss network when I enable IPS
«
on:
January 17, 2023, 03:47:01 am »
Hi everyone!
I recently installed 22.7.10_2-amd64.
However, when IPS is enabled, the network dies.
What causes this and is there any other way to enable IPS?
I hope for a good reply.
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Loss network when I enable IPS
«
Reply #1 on:
January 17, 2023, 06:34:28 am »
Do you use vlans?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
burns1230
Newbie
Posts: 8
Karma: 0
Re: Loss network when I enable IPS
«
Reply #2 on:
January 17, 2023, 07:31:24 am »
No VLANs are used.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Loss network when I enable IPS
«
Reply #3 on:
January 17, 2023, 11:42:02 am »
It needs a NIC with drivers in freebsd that play nice with the network stack. Also consumes more cpu cycles.
What nic is in use, which interface you are enabling it on (LAN, WAN, etc.) and what network driver is being used?
Please provide more information, technical.
Logged
burns1230
Newbie
Posts: 8
Karma: 0
Re: Loss network when I enable IPS
«
Reply #4 on:
January 18, 2023, 07:09:59 am »
I used
pciconf -lv | grep -A1 -B3 network
command and got the following output.
root@OPNsense:~ # pciconf -lv | grep -A1 -B3 network
em0@pci0:0:25:0: class=0x020000 rev=0x04 hdr=0x00 vendor=0x8086 device=0x153a subvendor=0x1028 subdevice=0x05a4
vendor = 'Intel Corporation'
device = 'Ethernet Connection I217-LM'
class = network
subclass = ethernet
--
re0@pci0:4:2:0: class=0x020000 rev=0x10 hdr=0x00 vendor=0x10ec device=0x8169 subvendor=0x10ec subdevice=0x8169
vendor = 'Realtek Semiconductor Co., Ltd.'
device = 'RTL8169 PCI Gigabit Ethernet Controller'
class = network
subclass = ethernet
em0 is LAN and re0 is WAN.
I am enabling IPS on WAN.
When IPS is enabled, after a while, the ping command hangs up.
If IPS is disabled, the ping command will be issued again.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Loss network when I enable IPS
«
Reply #5 on:
January 18, 2023, 10:06:42 am »
I would venture a guess that it's the realtek driver not playing nice. It hasn't played well in freebsd for ages. Infamous for the "watchdog error".
You could try using the vendor driver (module) instead of the one inculded in base. I'm away so can't check but I think it might be available as a plugin.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Loss network when I enable IPS