Hi,
If you place your IDS after your router and before your firewall it must be configured to be the least sensitive, as it will see the most traffic and the possiblity of false positives will increase. Most IDSs these days are deployed outside the network firewall, where they detect any attack and send an alarm. By contrast, if an IDS were placed within the firewall, it would detect only attacks that penetrate that security shield.
The latter approach, though less used, is the better one. It saves the system administrator from wasting time on failed attempts to enter the system. (Remember, a firewall is actually preventing the attacks on the system, and it will do so regardless of whether an IDS is in place to monitor real-time attacks.)