Snort on OpenVPN/DMZ Interfaces

  • Hey all,

    I've installed pfSense on my ESXi box and everything is working great (knock on wood!). My current setup looks like this:

    [OpenVPN Server]<====>[Modem]<====>[pfSense]<====>[PC]

    The PC is connected to an OpenVPN server, with pfSense being the client. I've setup Snort on the WAN interface, but my question is would I also need to setup Snort on the OpenVPN interface as well to make sure that my network is protected? While the server is trusted, I'd rather be safe than sorry (in case it gets compromised since I have no control over it).

    Also, do I need to enable Snort on the DMZ interface? Or is enabling it on the the WAN interface is a "catch all" system?

Log in to reply