Sorry if this is in the wrong section!
I have been running pfSense+Snort within ESXi without a hiccup an Intel NIC is passed through directly via VT-d. Recently, I decided to give Suricata another go. I cloned the current setup, and deployed it under a different name. I removed Snort and installed Suricata. Spent the next few days configuring it in IPS Inline mode utilising Hyperscan.
My network setup as follows:
Secure Line (oVPN)
The issue I am currently facing is that yesturday, I was unable to obtain a DHCP lease from Management, nor Secure Line. I gave the box a reset and had brief access. However, the console was found to be full of the following errors:
If I set a Static IP on the management vlan, I am able to communicate with the ESXi interface, and other hosts. However, I am unable to communicate with pfSense interface. Doing a soft resart (stops services, and re-runs the boot) I would appear that it would work briefly, and then stop prompting the above console errors.
At this current time, I have tried restarting pfSense fully, fully power cycled the switch and the server itself, to no avail. There has been no software or configuration changes and has been running sweetly, it has really on just started happening. As such, I have reverted back to the pfSense Snort VM which appears to be working fine.
Anyone have any pointers as to what has caused these issues to start, and how do I go about rectifying it?
I've narrowed the issue to Suricata on the LAN Interface, can a mod please move this thread to the relevant section?
I've disabled Suricata on the LAN interface, and it appears to be working fine now, what gives?