Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
499
Views
0
Helpful
1
Replies

Cisco IPS 4240 Questions

shoaibalam
Level 1
Level 1

‎04-13-2005 12:50 AM

1. When we configure TCP resets, Shunhost, or Shunconnection in the "action" option of the IPS 4240, is this action taken on behalf of IPS through its Command and control port or the Monitoring port?

2. If through Monitoring port then if we take the "show interface" on the Switch for the SPAN port, its something like "line protocol down(monitoring)", then how come switch get resets from this port when its line protocol is down?

I have this confusion, any comments plz...

Labels:
0 Helpful
1 Reply 1

mustafa.mail
Level 1
Level 1

‎06-11-2005 11:44 PM

Hi,

Monitoing interface used to send the tcp rests. Command & Control interface is used for Shun.

Your Switch which is being monitored with either SPAN or VACL capture should accept incomming packets on SPAN or VACL capture port. Otherwise your tcp-rest feature will not work.

Regards,

Mustafa.

0 Helpful
Customers Also Viewed These Support Documents