Operate Zenarmor in "Layer 2" mode with Transparent Bridge?

Started by TheFNGee, September 05, 2024, 06:54:51 PM

I got my OPNsense/Protectli combination functioning as a transparent bridge. Since a doc from Zenarmor was very helpful in getting this going, I decided I'd check out Zenarmor Free. It's been running for a week or so, and I checked out the Zenarmor dashboard. It told me that out of over 400 detected possibly harmful activities, it blocked none of them. I was surprised and wondered if I'd misconfigured Zenarmor. I went to check out policies, and being the "Free" version, I could not add a policy beyond the default.

I then subscribed to the "Home" version. It's cheap enough, and the more protection, the better. I went to the "Settings" page and saw that it was operating in Layer 3 mode. With my limited networking know-how, I wondered if I shouldn't be running in "Layer 2" mode since the whole thing is a bridge. When I tried to set it to "Layer 2" mode, it kept popping up an error.

Sorry, I'm not sure how to resolve this issue, if it even IS an issue. 

The whole page looks like this

Thanks,
TheFNGee


Hi,

This is because none of the more than 400 malicious activities detected are blocked in your policies.
All you have to do is enable blocking in your policies.

I also recommend that you remove the "WAN" tag on your MGMTLAN interface.

The recommended deployment mode is generally to use L3 Routed with emulated netmap driver mode. Of course, you can make changes according to your network and system.
You can take a look at the document below to examine the deployment mode in detail.

https://www.zenarmor.com/docs/guides/deployment-modes#2-routed-mode-l3-mode-reporting--blocking

I hope this information was useful to you.

If you need further support, please open a ticket by following the instructions below.

https://www.zenarmor.com/docs/support/reporting-bug





Hello,

I have the same problem.

But I can't get my configuration into Bridge Mode (L2 Mode).
OPNsense 24.10
Silicom Bypass-Adapter

egb0_LAN
egb1_WAN
egb2_DMZ
egb3_ADM
em0_onboard

I want traffic between LAN <=> "DMZ" (on the DMZ switch, all traffic from our "VPN OutSites" comes in):
7 x Router - VPN - Router.
(But the sites are not trustworthy, because I don't know what is going on there.)

So I made an OPNsense bridge between LAN and "DMZ".

Zenarmor runs in reporting-only mode, so I think all is OK.


But I can't get it into Bridge Mode (L2 Mode)?

I think I took LAN and DMZ with the right security zones.

Apply

Error - For Bridge Mode, you need to assign an interface for each lan and
wan security zones.

I tested x constellations / combinations.

See also picture.

I don't understand what's wrong?

Please help

Thanks

AKH



Please set Zenarmor to L3 Router Mode with the Netmap Emulated driver and protect the inner (LAN) side interface of the bridge. This will allow you to monitor your bridge on Zenarmor.


Quote from: akh@nbhlw14.de on November 15, 2024, 04:37:51 PM