From: scott mann (smann0762@xxxxxxxxxxx)
Date: Wed Apr 10 2002 - 17:08:11 GMT-3
Yes, but I would like to timeout the connection even if the user DOES
establish the connection...I want an absolute timeout.
Thanks
>From: Tarek Sabry <tsabry@houston.sns.slb.com>
>Reply-To: tsabry@slb.com
>To: 'scott mann' <smann0762@hotmail.com>, ccielab@groupstudy.com
>Subject: RE: IP TCP Intercept question
>Date: Wed, 10 Apr 2002 14:58:41 -0500
>
>Scott
>
>It seems that what you need is to set the "watch-timeout" and not the
>"connection-timeout". The former is defined as the "time allowed to reach
>established state". So if the user fails to establish the connection after
>this timeout, the router send a reset to the server to drop the connection.
>
>So the right command (in my humble opinion) would be:
>
>"ip tcp intercept watch-timeout [seconds]"
>
>It sounds misleading to use the "watch" timeout when in "intercept" mode,
>but that's what the documentation says!
>
>Let's hear from experts too ....
>
>Tarek
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
>scott mann
>Sent: Wednesday, April 10, 2002 2:24 PM
>To: ccielab@groupstudy.com
>Subject: IP TCP Intercept question
>
>
>Can anyone tell me if using the below command will disconnect the
>user/connection or simply cause the router to stop managing (keeping stats
>or control of) the user/connection. I want to disconnect the
>user/connection
>after a specific timeout period irregardless of his authentication/TCP
>status.
>
>"ip tcp intercept connection-timeout [seconds]"
>
>Below is the Cisco Link, but it is not specific.
>
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secu
>r_c/scprt3/scddenl.htm
>
>Thanks,
>Lab in 2 days.
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:04 GMT-3