IE VOL2 , LAB 14 : task 9.1, watch mode or intercept mode ?

From: Reza Toghraee (reza@toghraee.com)
Date: Mon Sep 22 2008 - 12:09:21 ART

• Next message: davidytk: "RE: Voice Question about AAR configuration"
• Previous message: Ali Mousawi: "Re: RFC3330"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello

in task 9.1, question asks for making R4 be PROXY for all TCP sessions, so
it should be in intercept mode.

but in solution guide we are using "watch-timeout" to close the incomplete
connections after 30 seconds.

in cisco docs it says: "In watch mode, connection requests are allowed to
pass through the router to the server but are watched until they become
established. If they fail to become established within 30 seconds
(configurable with the ip tcp intercept watch-timeout command), the software
sends a Reset to the server to clear up its state."

I think we can use the "ip tcp intercept connection-timeout 30" in INTERCEPT
mode.

any idea?

Regards

Reza Toghraee

Blogs and organic groups at http://www.ccie.net

• Next message: davidytk: "RE: Voice Question about AAR configuration"
• Previous message: Ali Mousawi: "Re: RFC3330"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:19 ART