> > You should be able to match on the protocol TCP instead of the protocol > IP. That alone should not modify the behavior, since it is only applicable > to TCP. However, you can define the ACL to also define a port. That way, > you can get more granular and only look at certain traffic with the > intercept process. This can help the resource utilization on the router. > > Message: 5 > Date: Sun, 23 Aug 2009 17:01:37 +0200 > From: Simon Baumann <[email protected]> > Subject: [OSL | CCIE_Security] TCP Intercept related question. > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes > > Hi, > when I define an access-list for TCP intercept: could I match on the > procotcol tcp instead of ip? > Does it have any influence on this feature? > TIA. > > Regards > Simon > > > End of CCIE_Security Digest, Vol 38, Issue 36 > ********************************************* >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
