...

1.1) Open the configuration of the Unified Firewall in a browser and go to the menu Monitoring & Statistics → Settings.

1.2) In the drop-down menu IDPS Alert, select the option Save Raw Data Locally so that the Unified Firewall logs packets that are recognized and blocked by IDS/IPS.

Click Save afterwards.

1.3) Go to the menu Monitoring & Statistics → Logs → Alert Log.

1.4) In the field More Filters select the parameter Category: IDPS to limit the Alert Log to IDS/IPS messages.

1.5) Select an event you want to allow, click on the "gear symbol" and on Ignore Rule afterwards (in this example DNS requests to the DNS server 9.9.9.9 were recognized by a UPnP broadcast was recognized by IDS).

1.6) Repeat step 1.5) for additional events if necessary.

...

2.1) Go to the menu UTM → IDS/IPS.

2.2) You can find the exception created in step 1.5) under Ignore Rules. If necessary, you can edit the exception, or delete it via the "dustbin symbol" if it is no longer needed.

Info

The Mode controls how the feature IDS/IPS works:

  • IDS: Events are logged only.
  • IPS Drop: Events are logged and the corresponding packets are dropped.
  • IPS Reject: Events are logged and the corresponding packets are rejected. If packets should be blocked, this mode should be used as the end device receives a corresponding message.
