On an R77.30 gateway traffic decrypted from a VPN will only be inspected if the Protection Scope setting is set to "Perform IPS inspection on all traffic", assuming the VPN tunnel is terminating on an external interface.
For an R80.10+ gateway, IPS will inspect the traffic after decryption assuming a TP rule matches the decrypted traffic attributes, and the Profile in the matching TP rule's Action column calls for IPS inspection.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
