Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Intel i225-V - IPS in promiscuous mode blocking all traffic / snort rules issue
« previous
next »
Print
Pages: [
1
]
Author
Topic: Intel i225-V - IPS in promiscuous mode blocking all traffic / snort rules issue (Read 1463 times)
ASea7Cxto
Newbie
Posts: 1
Karma: 0
Intel i225-V - IPS in promiscuous mode blocking all traffic / snort rules issue
«
on:
April 23, 2023, 01:27:40 am »
Hello,
I would like to ask about two problems I have with opnsense, If somebody encountered them or could help me with solution.
1.
I am using opnsense for quite some time, before I was using supermicro box with no problems. I wanted to upgrade and bought box with 6x Intel i225-V 2.5Gb NICs and I have encountered one major problem. If I enable IPS on single WAN interface in promiscuous mode, after aprox 10min its blocking all the traffic. Tried fully clean install, with clean config, HW offloading disabled (for VLANs too), only some ET rules for exploits, scans etc. No blocking policy set. No special rules for routing etc. set. completely clean. Using unbound DNS (whitelisted in IDS/IPS settings)
I think this might be issue with drivers for the NICs. Is it possible to "reinstall" them or is there any log for me that I can find the error messages for the interface? Do you know about possible fix for this issue?
running opnsense 23.1.6 / Intel(R) Celeron(R) N5105 / 16Gb RAM.
2.
I have also problem with downloading snort rules ( snort id/download working fine, checked multiple times ). When I insert the values in webUI, the download fail with 403 ( again, everything checked - tried "brute-force" modifying the .xml file for snort rules and the download did not fail, so there is probably some issue with the webUI ). In current state (ad 1.) snort rule script file not modified and using only the ET, since I wanted to cleanly throubleshoot... but this is probably separate issue
Thank you for all your answers and help.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Intel i225-V - IPS in promiscuous mode blocking all traffic / snort rules issue