IPS Exception not working

Hi,

What is the firmware version? 

Tips: Disable IPS from the Policy no 70 and enable it again. It may work for you. 

FW 17.5.3

Thanks for the tip, unfortunately its not working.. same drops..

Please post the firewall rule where you have added the exception too.

Ian

Hi peerscholz

from my understanding of the IPS on the XG you have your IPS in reverse, it should be LAN to DMZ.

Ian

Does the name of the ips policy matter?

I thought what matters is that the ips policy say to allow the packages for configured ips id's..

EDIT: Additionally we have the same drops coming from WAN on a different ips policy (right name), with the same ips exceptions on that ips policy

Hi,

We never recommended a default IPS policy on any brand of firewall. The IPS is a very critical part of the firewall.  It may impact on Firewall resources like CPU, RAM and increase the delay in packets delivery etc.

I have a habit to always configure a customized policy for IPS so I can do a finetune the IP. A predefined policy is ideal for all type of environment as you have mix OS, systems etc. 

Hi,

We never recommended a default IPS policy on any brand of firewall. The IPS is a very critical part of the firewall.  It may impact on Firewall resources like CPU, RAM and increase the delay in packets delivery etc.

I have a habit to always configure a customized policy for IPS so I can do a finetune the IP. A predefined policy is ideal for all type of environment as you have mix OS, systems etc.