From: Bezverkhi, Serguei (Serguei.Bezverkhi@xxxxxx)
Date: Wed May 22 2002 - 12:17:27 GMT-3
I don't think that you will be able to accomplish that with tcp
intercept. I think and I will try tonight to do it with reflexive access
list and time-range
I let you know the result
Regards
Serguei
-----Original Message-----
From: CCIE-Maillist [mailto:CCIE-Maillist@foxgal.com]
Sent: May 22, 2002 10:10 AM
To: ccielab@groupstudy.com
Subject: tcp intercept
I am trying to configure tcp intercept but don't have any practical
experience with it. If a lab says that you are getting a lot of rogue
packets and to configure it such that hosts can get through every one
and a half minutes, no matter how many rogue packets you are getting-
which setting do you set for the 1.5 minutes?
I am looking on the webpage-
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
fsecu
r_c/ftrafwl/scfdenl.htm
My guess is to set the watch timeout but can someone who has experience
confirm whether or not that is correct?
Thanks,
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:04 GMT-3