Topic: Adding LAN suspends connection via WAN (Read 360 times)
LiorY (Newbie, Posts: 11, Karma: 0)
Adding LAN suspends connection via WAN « on: May 23, 2024, 08:08:58 am »
I'm running OPNsense on PROXMOX and when I have a WAN ips I can access the GUI, after I add LAN my connection is lost.
Any ideas?
meyergru (Hero Member, Posts: 1684, Karma: 165, IT Aficionado)
Re: Adding LAN suspends connection via WAN « Reply #1 on: May 23, 2024, 08:48:14 am »
That is why there is an "IDS" setting. Enable only that, see what gets flagged in the logs and then either disable those specific rules or remove the root cause. Obviously, when you jump directly to "IPS", some anticipated problems cause a disconnection.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005
1100 down / 440 up, Bufferbloat A+
LiorY (Newbie, Posts: 11, Karma: 0)
Re: Adding LAN suspends connection via WAN « Reply #2 on: May 23, 2024, 09:27:59 am »
I actually removed all rules of NAT and filter before adding the new LAN, which means I shouldn't have any disruption between the networks.
meyergru (Hero Member, Posts: 1684, Karma: 165, IT Aficionado)
Re: Adding LAN suspends connection via WAN « Reply #3 on: May 23, 2024, 11:22:18 am »
You cannot remove IPS rules by fiddling with NAT and firewall settings.
If you enable Suricata IPS, it will detect, log and block anything suspicious. With only IDS enabled, it will detect and log only.
However, when you are locked out, you obviously cannot inspect the logs to see which Suricata (i.e. not NAT/firewall) policies or rules cause the block. These are on a tab under "Intrusion Detection", not in the firewall or NAT rules.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005
1100 down / 440 up, Bufferbloat A+