I have pfSense with multiple interfaces to separate networks using virtual NICS (WAN, LAN, IOT, TEST) each using a dedicated port on a physical NIC. Is it possible to pass the traffic traversing that port to another VM running Security Onion configured as a dedicated Sensor node? My goal is to have a single Security Onion Sensor that has a NIC on each of the virtual NICS.
Not sure as it’s nothing I have attempted. We rarely ever run production pfsense virtualized.