From Cisco.com
http://tinyurl.com/29yx4w9
In intercept mode, the TCP intercept software intercepts TCP synchronization
(SYN) packets from clients to servers that match an extended access list. The
software establishes a connection with the client on behalf of the destination
server, and if successful, establishes the connection with the server on behalf
of the client and knits the two half-connections together transparently. Thus,
connection attempts from unreachable hosts will never reach the server. The
software continues to intercept and forward packets throughout the duration of
the connection. The number of SYNs per second and the number of concurrent
connections proxied depends on the platform, memory, processor, and other
factors
In watch mode, the IOS passively watches the connection requests flowing
through the router. If a connection fails to get established in a configurable
interval, the software intervenes and terminates the connection attempt.
Thank you,
Steve Di Bias
________________________________
From: [email protected]
[mailto:[email protected]] On Behalf Of Amer Mustafa
Sent: Wednesday, October 20, 2010 8:03 AM
To: [email protected]
Subject: [OSL | CCIE_RS] IP TCP Intercept modes.
What is the diffrences between the two modes :
R1(config)#ip tcp intercept mode ?
intercept Intercept connections
watch Watch connections
UHS Confidentiality Notice: This e-mail message, including any attachments, is
for the sole use of the intended recipient (s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure or
distribution of this information is prohibited. If this was sent to you in
error, please notify the sender by reply e-mail and destroy all copies of the
original message.
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
