Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Span port for network intrusion detection

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 5.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zimba
      last edited by

      Hi,

      I have pfsense setup on a box that contains three NIC interfaces. I have one configured for WAN and the other for LAN. I was wondering if it is possible to setup port mirroring/span with the third NIC so  I can send network packets from there to a network intrusion detection server?

      If anyone can shed some light on how to do this, that would be great!

      Thank you all for your time!
      Regards,
      Ken

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Interfaces - Assign - Bridges - Advanced Options  - Span Port

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          wouldn't you normally just do that at your switch?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • Z
            zimba
            last edited by

            Thanks,  doktornotor

            @johnpoz: Yes, normally you would do that at the switch however I have an unmanaged switch. I was planning to put a TAP switch but the fact that I have three NIC's already on the firewall box and pfsense has spanning capabilities, I was thinking of going that route.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.