PfSense forward traffic to NtopNG server.
-
hi experts, I like NtopNG but I don't want it running in the firewall so I built the latest NtopNG on a dedicated node. My question, how or which setting I can tell the firewall to forward the traffic to the NtopNG server?
-
i am also interested in this awnser!!
-
afaik you need a switch with the span protocol
https://en.wikipedia.org/wiki/Port_mirroring
https://community.cisco.com/t5/networking-documents/understanding-span-rspan-and-erspan/ta-p/3144951
https://forums.lawrencesystems.com/t/pfsense-span-port-setup-with-multiple-vlans/3460
https://docs.netgate.com/pfsense/en/latest/book/bridging/creating-a-bridge.html#span-port -
@kiokoman but then no data is send to the central ntopserver right?
-
the data is grabbed by any ntopng if you connect a cable from the span port to the pc where ntopng is running
-
@kiokoman i understand. but i am trying to accomplisch the following:
i have a central ntop server in DC and i am trying to configure multiple pfsense boxes to send ntop traffic to this central server. bu i cannot find this setting
-
anyone?
-
I dont know if anyone is still following this post,
but I found this guide
https://www.e-d-i-t.nl/ntopng-apart-from-pfsense/
which I think serves your need
I will check it out in my infrastructure as well