Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port mirroring - pfsense in Proxmox

    Scheduled Pinned Locked Moved Virtualization
    1 Posts 1 Posters 807 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MH5Dx
      last edited by MH5Dx

      Hi,

      I installed pfsense in proxmox and redirect all the traffic "coming from proxmox/internet" to an interface called vmbr1 on the WAN side of pfsense.

      I would like to install Security Onion IDS (in a VM under proxmox) in the "LAN" part of pfsense and monitor vmbr1 traffic.

      On my point of view, I need to get a span port (or similar) on vmbr1, sending this traffic copy to an interface on the LAN side of my pfsense in order to be read by Security Onion VM.

      Nevertheless, at the moment, I don't know how to do that. Any idea?

      Of course, there should be Dup-to but not so well documented if not wrong...
      Also, should be possible eventually with IPtables mantrap but not so nice also...

      A process inside pfsense would be welcome.
      I supposed to create a span interface on WAN side and then copy again traffic to an interface on LAN ?

      Thanks in advance for your attention and answer.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.