How to feed so with multiple networks #12132
Replies: 1 comment
-
|
If your Security Onion sensor has more than two ports (Minimum 1 for management and 1 monitor port) you can have the additional ports be monitor ports as well. That way you would just directly connect the networks you want to monitor into its own port on the Security Onion sensor. For identifying if certain traffic is reaching your monitor ports you can run tcpdump like sudo tcpdump -i bond0 net 10.0.0.0/16 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello everyone,
Really new on so and trying to figure out some things.
I have numerous pfsenses and i want to feed so with network traffic.
I have created trunk interface at each pfsense and i am trying to migrate all of them using a switch and connecting them at the monitor port of so.
Can you help me identifying some solutions?
Tried a common dump switch but i had really low network traffic.
Also how can i test that all traffic from pfsense reaches so?
Beta Was this translation helpful? Give feedback.
All reactions