====== PFSense - Suricata - Install Suricata - Have Suricata Monitor the LAN Interface ======

===== Copy the WAN settings to LAN =====

Navigate to **Services -> Suricata -> Interfaces**.

Against the previously configured WAN interface, select to make a copy:

{{:pfsense:suricata:install_suricata:pfsense_-_services_-_suricata_-_interfaces_-_wan_-_copy.png?800|}}

----

==== Configure LAN ====

The settings will initially be the same as previously configured for the WAN.

  * Interface should automatically show LAN, but select the right interface here as required.

Change these settings for the LAN:

  * Alert Suppression and Filtering:  **LANSuppressList**.  Select the LAN Suppress List.
  * Block Offenders:  **Not Checked**.  Initially do not block LAN, just monitor.

<WRAP info>
**NOTE:**  It is highly recommended to not enable blocking on the LAN at first.

This could result in internal devices being locked out until they were released.

Instead, recommendation to run without blocking for say a week or so, checking what alerts are raised against the LAN, and suppressing any false positives as needed.

Once happy with the changes, say after a week, then Check the **Block Offenders**.
</WRAP>