• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

VLAN, Trunk interface?

Scheduled Pinned Locked Moved IDS/IPS
2 Posts 2 Posters 578 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    Velcro
    last edited by Aug 4, 2017, 3:55 PM

    I have a number of VLANs running trunked thru a dedicated interface. I have snort running on each VLAN so I can customize…

    I understand the "permiscuous" nature of Snort in that if Snort is running on the trunk it will alert to traffic on the VLANs.

    Is it best practice to not run snort on the trunk and have it running on the VLAN interfaces?

    Thanks in advance...

    1 Reply Last reply Reply Quote 0
    • N
      NogBadTheBad
      last edited by Aug 4, 2017, 4:40 PM

      I run Snort on the VLANS and exclude the parent interface, the untagged VLAN on my settup id for LAN management.

      Andy

      1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received