Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
678
Views
4
Helpful
5
Replies

TCP reset

Go to solution
wasiimcisco
Level 1
Level 1

‎08-29-2008 08:11 AM - edited ‎03-10-2019 04:16 AM

I am unable to configure the TCP Reset on my IPS 4255 in Promiscous mode.

I have declare one interface of 0/0 IPS as tcp reset, for interface gig 0/1.

but still not working. Please tell me how to configure and how to verify the configuration.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-30-2008 10:16 AM

Make a custom STRING TCP signature direction 'to server' for Telnet (Port 23). Match on any string like 'abcd'. Now telnet on the SPANNED vlan, and then try to type abcd. as soon as you type 'd' (the last letter) your telnet connection will get stuck :)

Regards

Farrukh

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni

‎08-29-2008 12:02 PM

Did you add the ingress keyword on the switch? Can you post your SPAN configs?

Regards

Farrukh

0 Helpful

Go to solution
wasiimcisco
Level 1
Level 1
In response to Farrukh Haroon

‎08-30-2008 06:24 AM

Please see the span configuraiton,

monitor session 1 source interface Gi1/0/1

monitor session 1 destination interface Gi1/0/5

now when i try to give the ingress keyword it gave me error of incomplete command error.

dot1q ingress forwarding using dot1q encapsulation

isl ingress forwarding using isl encapsulation

untagged ingress forwarding using untagged encapsulation

vlan Set default VLAN for untagged ingress traffic

I have only one VLN 1 and 13 as native VLAN on my switch.

All switch ports are member of VLAN 1.

Switch is trunk with other switch

PDC-OUT-3750-1#sh interfaces trun

PDC-OUT-3750-1#sh interfaces trunk

Port Mode Encapsulation Status Native vlan

Po1 on 802.1q trunking 13

Port Vlans allowed on trunk

Po1 1-4094

Port Vlans allowed and active in management domain

Po1 1,13

Port Vlans in spanning tree forwarding state and not pruned

Please let me know which option to select after ingress.

I will be very greatful to you.

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-30-2008 08:03 AM

ingress vlan 1

Regards

Farrukh

Go to solution
wasiimcisco
Level 1
Level 1
In response to Farrukh Haroon

‎08-30-2008 10:02 AM

Thanks for the reply, but please let me know how the verify that the tcp reset is working. I have signature that has action configured to rest tcp connection.

but how can i verify that tcp rest is working.

0 Helpful

Go to solution
Farrukh Haroon
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-30-2008 10:16 AM

Make a custom STRING TCP signature direction 'to server' for Telnet (Port 23). Match on any string like 'abcd'. Now telnet on the SPANNED vlan, and then try to type abcd. as soon as you type 'd' (the last letter) your telnet connection will get stuck :)

Regards

Farrukh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card