OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: dpbklyn on May 03, 2017, 06:20:34 pm

Title: Unsure of IDS Status
Post by: dpbklyn on May 03, 2017, 06:20:34 pm

Hello and TYIA~

I followed these instructions:
https://docs.opnsense.org/manual/how-tos/ips.html

and am not getting the expected results.  After enabling the IDS rules, they still show as "not installed" in the rule list. (see attached)

How can I tell if these rules are installed and working?

Thank you,

dp

Title: Re: Unsure of IDS Status
Post by: csmall on May 03, 2017, 09:49:36 pm

After enabling them you have to download the rules

Title: Re: Unsure of IDS Status
Post by: dpbklyn on May 16, 2017, 07:27:14 pm

Sorry for the delay...

When I click "Download & Update Rules" the pinwheel spins for a moment then stops.  The rules never show as "Installed"

What am I missing?

Title: Re: Unsure of IDS Status
Post by: csmall on May 16, 2017, 08:49:50 pm

Quote from: dpbklyn on May 16, 2017, 07:27:14 pm

Sorry for the delay...

When I click "Download & Update Rules" the pinwheel spins for a moment then stops.  The rules never show as "Installed"

What am I missing?

Enable IDSand IPS the click apply

Check rules and then click enable selected.

After they are marked enabled click download rules.

Title: Re: Unsure of IDS Status
Post by: dpbklyn on May 16, 2017, 09:46:33 pm

Thank you for getting back.

OK...I thought I did that when I initially set up IDS/IPS.  But just to be sure, I disabled all the rules, then disabled IDS and IPS.

Re-inabled and got the same result.

My FIrmware is 17.1.4 (2017-03-29).  I understand that there is a more recent Firmware, but I cannot update to it.  I tried using the default server and the server in Nebraska and I got the message: Could not find the repository on the selected mirror.

I am not sure if these are related, but just thought I'd give you all the information I have.

Thank you,

dp

Title: Re: Unsure of IDS Status
Post by: csmall on May 16, 2017, 10:16:13 pm

Quote from: dpbklyn on May 16, 2017, 09:46:33 pm

Thank you for getting back.

OK...I thought I did that when I initially set up IDS/IPS.  But just to be sure, I disabled all the rules, then disabled IDS and IPS.

Re-inabled and got the same result.

My FIrmware is 17.1.4 (2017-03-29).  I understand that there is a more recent Firmware, but I cannot update to it.  I tried using the default server and the server in Nebraska and I got the message: Could not find the repository on the selected mirror.

I am not sure if these are related, but just thought I'd give you all the information I have.

Thank you,

dp

Is this for home or business? If home, just reinstall and be sure it is all clean.

Business, make the call.

Title: Re: Unsure of IDS Status
Post by: dpbklyn on May 17, 2017, 02:09:26 pm

Just to close this circle...

I did a factory reset and re-configured the firewall.  All is well.

Thank you,

dp