pfSense IDS (Snort) on bridge interface

  • I have a setup of LAN and WAN in which I want to deploy a pfSense IDS. I don't want to disturb the existing network, so I decided to make the LAN and WAN interfaces of the pfSense device bridge interfaces so that there will be no change in the network.
    I have some queries regarding this scenario:
    1. When LAN and WAN are in a bridge, is it necessary to attach my LAN (switch) side to pfSense's LAN interface, although both LAN and WAN are bridged, so logically there is no difference if I attach my LAN to the LAN or WAN interface of the pfSense device? Besides the interface rules for allowing or blocking, are there any built-in rules for the LAN and WAN interfaces that can make a difference?
    2. In bridge mode, should I enable the IDS (Snort) on the bridge interface only, or on all interfaces, like LAN, WAN and bridge?
    3. I want to deploy the pfSense device on a trunk link. Although pfSense in bridge mode will not affect the tagged traffic, I want to access pfSense from my LAN (a switch on which VLANs are configured). Is it possible?

