cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
623
Views
0
Helpful
1
Replies

ip tcp intercept mode and syn timeout

mlopacinski
Level 1
Level 1

Hello

I am using "ip tcp intercept mode" in default intercept mode. What is the timeout for SYN packets ? As i understeand from documentation "ip tcp intercept watch-timeout" is only used for watch mode :(

Thanx

1 Reply 1

vmoopeung
Level 5
Level 5

When TCP intercept is enabled, it operates in intercept mode by default. In intercept mode, the software actively intercepts TCP SYN packets from clients to servers that match the specified access list. For each SYN, the software responds on behalf of the server with an ACK and SYN, and waits for an ACK of the SYN from the client. When that ACK is received, the original SYN is sent to the server, and the code then performs a three-way handshake with the server. Then the two half-connections are joined.

In watch mode, the software allows connection attempts to pass through the router, but watches them until they become established. If they fail to become established in 30 seconds (or the value set by the ip tcp intercept watch-timeout command), a Reset is sent to the server to clear its state.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: