Solved: Re: Problem configuring TCP intercept

manuel.dennis · ‎04-27-2011

I am having a problem configuring TCP intercept.

I follow the example in the configuring TCP Intercept PDF (attached) I downloaded from Cisco.

In the terminal configuration mode, I enter:

access-list 101 permit tcp any 192.168.1.0 0.0.0.255

(using my actual IP address range of course)

and

ip tcp intercept list 101

.

I get an invalid entry response from the IOS with the ^ under the i in intercept.

I am not running NAT.

Any ideas?

Antonio Knox · ‎04-27-2011

Check the IOS version in Cisco Feature Navigator. It may not be supported.

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

View solution in original post

Antonio Knox · ‎04-27-2011

Check the IOS version in Cisco Feature Navigator. It may not be supported.

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

manuel.dennis · ‎04-27-2011

I am running c3845-advsecurityk9-mz.151-3.T. It is not listed as supporting TCP Intercept. So now I know why I can't configure it. Strange that other versions of 15.1(3) do but this one doesn't. It never occured to me that some version of a base IOS wouldn't support all the features supported by the base IOS. Thanks.

Manny

Antonio Knox · ‎04-27-2011

Happens to us all my friend.