Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

smtp not working with " tcp intercept"

We are noticng a strange problem with "tcp intercept". The outgoing mail smtp port 25 does not work , remaning applications work fine.

ip tcp intercept list 101

access-list 101 permit tcp 202.x.x.x any

other parameters are default.

The router configuration is 7206 vxr with 12.2 (13b) IOS .

4 REPLIES
Community Member

Re: smtp not working with " tcp intercept"

lately observerd that even pop3 ( port 110 ) has problem . Few of the sites report http issues with the browser just showing " opening the page " and nothing appears. Once we remove intercept everything works fine.

Few more inputs on the setup. We have hundereds of remotes sites which come on private IPs and get NATed at the 7206 router and access internet. Of the late we are noticing lot of Syn attacks at the router and the CPU going 100%, that is the reason we thought of having tcp intercept implemented.

Community Member

Re: smtp not working with " tcp intercept"

Well, I work for a web hosting company and we get the same kind of SYN attacks. The same symptoms .... CPU % maxes out .... TCP intercept will NOT help you with this. We tried .... We turned on Turbo ACL but it doesn't really help much either. I suggest opening a case with the TAC and they will help you to discover if you can prevent this from happening. From experience, You'll just have to wait it out ....

fyi .... We have 7206 vxr's (2) at our border with npe-400's .... we just got a 7206 vxr with a npe-g1 but have not had a chance to put it up against a syn attack yet. Good luck .....

you can contact me if you want to and I can give a point of contact at Cisco (that I have worked with) to help get you started.

Community Member

Re: smtp not working with " tcp intercept"

The problem is I cannot create a TAC case, I have option of only using open forum with my ID. Please let me know how you how you have handled the syn attacks , your suggestion would be highly appreciated.

Community Member

Re: smtp not working with " tcp intercept"

Well, you can always contact your ISP and try to convince them to place a filter at their end. Not at the other end of the link though. (that would just tie up the router at the other end of your link) But rather, somewhere else in their network that would filter the offending address range yet allow you to still pass other traffic back and forth. (btw ... This is the exact info I got from the TAC as well) ... Good luck.

252
Views
0
Helpful
4
Replies
CreatePlease to create content