Netgate Discussion Forum

    VLAN, Trunk interface?

    IDS/IPS
      Velcro

      I have a number of VLANs running trunked thru a dedicated interface. I have snort running on each VLAN so I can customize…

      I understand the "promiscuous" nature of Snort in that if Snort is running on the trunk it will alert to traffic on the VLANs.

      Is it best practice to not run Snort on the trunk and have it running on the VLAN interfaces?

      Thanks in advance...

        NogBadTheBad

        I run Snort on the VLANs and exclude the parent interface; the untagged VLAN on my setup is for LAN management.

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.