Hey all, I’ve been trying to figure out why enabling IPS kills my network. I have some services I host and would like to get some sort of IPS running. I used to have Snort running through pfSense and didn’t experience issues like this.

Edit: as an update to this, I resolved it by installing the realtek plugin.

  • Toaster@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    10 months ago

    It sounds like your IPS rules are wrong, but we would need more info. Rules, network topology and flow, too many variables without more info.

    • Matty_rOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      I don’t think it’s the IPS rules themselves because they were set to Alert only. I just enabled a few of the standard rule sets that are available.

      I’m using a Beelink GK55 and seemed to be fine with pfSense.

      As for the topology, I’ve got one ipv4 WAN gateway on one NIC, and the other NIC is for the LAN which connects through a couple UniFi switches. There are 3 VLANs as well.