[Snort-users] Snort and OpenVPN

Dmitry Korzhevin dmitry.korzhevin at ...15907...
Tue Feb 4 05:27:54 EST 2014


Hi, Please, advice - what i did wrong with configuration of my snort 
install - i can't see any openvpn traffic with my current snort config, 
thru i can see regular traffic, pptp, ipsec.

Snort installed on one server together with openvpn, openvpn has 3 
interfaces: tun0, tun1, tun2.

If i run snort manually and use tun* as parameter for interface - it 
works, and i can see traffic in console.

i.e.:  snort -dev -i tun0

Maby some problems with configuration of interfaces?

My current config:

# Setup the network addresses you are protecting
ipvar HOME_NET any

# Set up the external network addresses. Leave as "any" in most situations
ipvar EXTERNAL_NET any

Whole snort.conf:

http://paste.debian.net/plain/80076




Best Regards,
Dmitry

---
Dmitry KORZHEVIN
System Administrator
STIDIA S.A. - Luxembourg

e: dmitry.korzhevin at ...15907...
m: +38 093 874 5453
w: http://www.stidia.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4587 bytes
Desc: ���������������������������������� �������������� S/MIME
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140204/2163724b/attachment.bin>


More information about the Snort-users mailing list