Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Help IDSM2 to Configure for TCP Reset

Hi All,

I'm testing IDSM2 witht the lateset IOS on a CAT 6504 with SUP72010GE. The setup is using the promiscouse mode VACL, and traffic is being captured by the IDSM2 i can see the traffic in the  Event Dasboard etc. I wish to configure the IDS to send a tcp reset for the attacks. Under IPS Policies with the actions i added the Reset TCP Connection. But I'm Stuck There.

From the documentation that i  reviewed it was stated that i need to assign another interface for the tcp reset and allow the vlan\s that i'm capturing.

Could any one help with this issue.



Cisco Employee

Re: Help IDSM2 to Configure for TCP Reset


  The IDSM-2's TCP reset port is port 1 as discussed in the configuration guide:

  By ensuring that port 1 is in the correct VLAN(s), it should be able to source TCP resets when that action is assigned to a signature.


Cisco Employee

Re: Help IDSM2 to Configure for TCP Reset

The comments in the User Guide only apply to Cat OS, and only apply to promiscuous mode.
Cat OS provides multiple different config options that could prevent TCP resets from working properly, however in Native IOS with the special "intrusion-detection module" commands take care of these issues automatically without the user having to do
The IDSM2 has two data ports (a.k.a. "sensing interfaces"), and a separate tcp-reset interface. In native IOS you do not need to configure the
tcp-reset interface, either on the IDSM2 or on the switch.  It is automatically added to all necessary vlans by the switch.

CreatePlease to create content