Suricata as fail2ban

Sorry, is it possible to configure Suricata as fail2ban to block an IP after 5 attempts and block it for 24 hours?
There is pfSense gateway with admin web interface and VPN.
Could Suricata protect pfSense web interface as fail2ban from bruteforce attacks?
Could Suricata protect VPN (OpenVPN or L2TP/IPsec) connections on pfsense from bruteforce attacks?

While in theory it could in IPS mode I would recommend using the builtin features for that. AFAIK pfsense also has an option to use the logs to add IPs on a blocklist via internal firewall tooling.

SO what is left is to have signatures using the threshold to match on specific brute force attempts that you want to cover.

This could be accomplished with something link Sagan (GitHub - quadrantsec/sagan: Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather than network packets.).