Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort blocks users connection to OpenVPN

    pfSense Packages
    1
    1
    2696
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tnine
      last edited by

      Hi guys,
       I've installed the default package for Snort and it's been working well.  I've enabled basic http rules as well as port scanning rules on our 2 WAN connections.  Unfortunately, I've found that once I connect to our OpenVPN server, snort will eventually block the client.  It appears that it thinks I'm port scanning.  Is there any way to exclude clients from getting blocked that are connecting to specific host and port?  I don't think the whitelist won't work for me, since I have no idea which ip address the client could connect from.  I found the answer in this forum post here.

      https://forums.snort.org/forums/support/topics/how-to-ignore-alerts-for-a-specific-destination-ip-address

      However I can't seem to find a way to add this via the web interface.  Any suggestions?

      Thanks,
      Todd

      1 Reply Last reply Reply Quote 0
      • First post
        Last post