From: akbar khan (ciscokhan@hotmail.com)
Date: Wed Sep 01 2004 - 02:26:16 GMT-3
Hey Tim,
The TCP intercept mode or watch mode is configured on the router on all
common TCP sessions hence you cannot use either mode for some TCP
sessions.
BTW be aware of the ACL you use here i.e. access-list 101 permit tcp any
host x.x.x.x where any is any source and x is the destined server that
need to be watch.
Hope that Helps,
Akbar Khan
CCIE#13737
>From: "ccie2be" <ccie2be@nyc.rr.com> >Reply-To: "ccie2be"
<ccie2be@nyc.rr.com> >To: "Group Study" <ccielab@groupstudy.com>
>Subject: TCP Intercept >Date: Mon, 30 Aug 2004 18:25:04 -0400 > >Hi
guys, > >I've just been going over the above feature and it looks like
it's not >possible to configure the router to use Intercept Mode for some
tcp >connections and Watch Mode for other connections. > >Can someone
confirm or correct my understanding? > >From what I can tell, the
command, ip tcp intercept list acl#, just specifies >which tcp
connections are subject to tcp intercept. While the command, ip tcp
>intercept mode <intercept | watch >, specifies which mode to use for the
tcp >connections already specified by the first command. > >If this is
true then it's not possible to use different modes for different
>connections - unless there something I'm missing. > >If there is a way
to use different modes for different connections, could >someone provide
an example of how that could be configured? > >Thanks for any help that
can be offered. Tim >
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com > >Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
------------------------------------------------------------------------
The new MSN 8: smart spam protection and 2 months FREE*
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:34 GMT-3