Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TCP Interceptor

This is more of an ideological concern with the TCP Interceptor.

First of all, I wonder how many people employ this on their LANs?

Is this a technology that makes sense for a LAN or more at the edge?

This technology was "uncovered" for me due to a security audit on my network. And it is suggested that this service be run in an attempt to protect against DoS attacks.

Also, if you do run this, do you operate it in Watch or Intercept mode? I am currently running this in Watch mode, which isn't exactly passive in the sense that it takes action after a certain timeout is reached. This timeout has caused a few problems with some application on my network. Those include TCP connections to mainframe (for lack of better word) and non-Cisco related VoIP calls.

I wonder how widespread this technology is, as far as use goes.



Re: TCP Interceptor

The Personal Assistant interceptor ports identify the phone extensions that Personal Assistant will intercept from Cisco CallManager. You configure these ports in Cisco CallManager as CTI route points and identify them in the Personal Assistant server configuration. The route points configuration allows Personal Assistant to intercept the calls.

You can use wildcards when creating the route points so that one route point covers many extensions. For example, the route point 1XXX covers all extensions from 1000 to 1999.

When you configure the interceptor ports, you should also set up the call forwarding configuration for interceptor port error handling to allow calls to go through to the extension if the Personal Assistant server is unavailable. The way you configure interceptor port error handling will differ depending on the version of Cisco CallManager that the system uses .

New Member

Re: TCP Interceptor

I am asking about the TCP Interceptor that helps protect against Denial of Service attacks.