TCP Reset not working

jlwomeld · ‎10-27-2005

I have my man-port on vlan 2 this is our MGT vlan we do not use vlan 1, tcpreset is not work. Below is the step I did to set it up

1 vlan 1 is up but no ip address on this due to vlan 2 is MGT IP

2 I have the man-port on vlan 2

intrusion-detection module 9 management-port access-vlan 2

3 I ran the tcpdump and noting came back go a pars error.

can anyone shed light on my problems I'm not sure I have everything config right.

Thanks

marcabal · ‎10-27-2005

Not sure what you are asking.

Sounds like you may be confusing the management port with TCP Reset event action for signatures.

The TCP Reset packets as event actions for signatures will not be sent out of the management port. They are sent out a TCP Reset port.

The TCP Reset port is not user configurable or even viewable in Native IOS.

The configuration you need to worry about is not the management-port but instead the data-ports of the IDSM-2. The data-ports need to be properly configured to monitor the traffic you want to execute the TCP Resets on,

jlwomeld · ‎10-27-2005

I ran the following command on my sensor and I am getting no data back

[root@CARL122IDSMONS sbin]# ./tcpdump -i eth1 src host 144.xxx.xxx.xxx(i removed the IP's)

tcpdump: WARNING: eth1: no IPv4 address assigned

tcpdump: listening on eth1

does this mean my TCP reset is not working?