Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Copy traffic to external IDS

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wian
      last edited by

      Hi,

      I would like to connect an external IDS (securityonion) to pfsense and need to create something like a span port. I have a spare NIC and would like to copy all traffic between the LAN and WAN to this interface and hook this up to security onion.

      Is this possible? If so, can you give me a hint on how to configure this?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • H
        HiTekRedNek
        last edited by

        Bump ::)

        Also interested on how to forward to a dedicated "security onion" box.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Best to use a span port on your switch or a network tap. You can use the span feature of bridges to accomplish the same.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.