I was affected by the IPS Talos issue last weekend, leading to a clean install and restoration of backup config. Today, after a full week of running without issues (after I disabled the Talos ruleset), I realized I had not enabled WIO. So I did, and shortly thereafter, our IPSec VPN started failing. I quickly went back to the WIO page and unticked the Enable checkbox. What happened next looked exactly like the issue with the Talos ruleset. I lost the ability to access the Web UI and we lost internet access. I went to the firewall and tried to access it locally with a monitor and keyboard. Keyboard was not accepting inputs, so I could not log in. So I hit the reset button on the machine and fortunately, it booted back up in a fully functional state. I went back to the WIO page and noted that it was still disabled. So far, it has been functioning normally. Since it is a production firewall, I don’t have the luxury to re-enable WIO and see if the problem repeats, so I at least wanted to report it here to see if anyone else has noticed this. Could someone with a testing environment test this?
I have IPS running with WIO on Cu164 without any problems on my production system andon my vm test bed.
I sm not saying it can’t be involved but i can’t think how.
I don’t run ipsec on my production system and on my vm i havectge seever set up but i haven’t yet got a cluent set up so i can’t test if it is working or not when wio and ips are running.
Openvpn road warrior is working fine for me with wuo and ips enabled and running.
In ips i have emerging threats and abuse.ch ruleset providers selected.