Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jin_Zhou
Contributor

Will IPS inspect decrypted traffic on a gateway with site-to-site VPN?

I am trying to figure out IPS workflow on an R80.10 gateway with site-to-site VPN. Does it inspect the traffic after it is decrypted or just the encrypted traffic which probably won't have much to be inspected. Thanks.

0 Kudos
1 Reply
Timothy_Hall
Champion
Champion

On an R77.30 gateway traffic decrypted from a VPN will only be inspected if the Protection Scope setting is set to "Perform IPS inspection on all traffic", assuming the VPN tunnel is terminating on an external interface.

For an R80.10+ gateway, IPS will inspect the traffic after decryption assuming a TP rule matches the decrypted traffic attributes, and the Profile in the matching TP rule's Action column calls for IPS inspection.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events