Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IP TCP Intercept


I have Cisco 3640 Router with IOS 12.x. I wanted to configure tcp intercpet for my web server which has ip address x.x.x.x1. I did the following

access-list 103 permit tcp any host x.x.x.x1

ip tcp intercept list 103

After giving this command i was not able to browse my web server from outside. But when i remove the command it was working fine. Also when i add

ip tcp intercept mode watch and

ip tcp intercept watch-timeout 60

The web server is working fine but when i type

sh tcp intercept connections

i am not able to see this connection, when i change the mode ot intercept which is default though i am not able to browse my web site from outside but i could see the connection in the router when i give

sh tcp intercept connections

showing establised but my website is not working from outside.

Can some one adive me how to rectify this problem.

Thanks in Advance

New Member

Re: IP TCP Intercept


This could be b'cos of the way you have specified your access-list. You might be knowing that for access-list after a permit statement all that comes below is explicit deny.In this case you are denying all other traffic to that host ( IP,UDP,TCP ) except the tcp intercept .

Hope this is the problem.