IPS not working

Support
7

Hi @fasttech,
Basically you’re right but:

  1. NS is installed on a dedicated server machine and acting as UTM.
  2. RED eth is connected to the internet with public ip (WAN).
  3. GREEN eth is connected to LAN with private IP.
  4. No firewall rules for inbound and/or outbound; only Web Proxy and Web Filter.
  5. IPS is enabled with Balanced Rule Policy (tested also with Connectivity and Security Rules Policy, as @AZChas already did). Aren’t these Rules as trigger? Isn’t RED eth the sensor? I think yes. So, if these Rules is supposed to be working well, must be something written in IPS report. Am I wrong?
  6. I’m sure is some activity out there, like @stephdl said here:
    Nethserver-fail2ban needs testers - #6 by stephdl
  7. I want to use NS in production. In this moment I use it in paralel with Endian UTM.
    Please see what Endian show about IPS and how Endian use IPS.

1_Endian IPS dashboard.PNG1280×1024 507 KB

2_Endian IPS log.PNG1280×1024 177 KB

3_Endian IPS service.PNG1280×1024 89.8 KB

4_Endian IPS rules 1.PNG1280×1024 156 KB

5_Endian IPS rules 2.PNG1280×1024 146 KB

6_Endian IPS rules editor.PNG1280×1024 469 KB