Configure the TCP Intercept feature on R1 to protect TCP servers from TCP SYN-flooding attacks.
Configure ACL to protect only network 172.16.4.0 with TCP Intercept. See Example 4-56.
Configure TCP Intercept in Watch mode where all TCP connections passed through are watched by the router. If any connection does not complete the three-way hand-shake within the time specified, it will drop the connection by sending a reset. See Example 4-56.
ip tcp intercept list 102 ip tcp intercept watch-timeout 15 ip tcp intercept mode watch access-list 102 permit tcp any 172.16.4.0 0.0.0.255
For more information about TCP Intercept (preventing DoS), refer to the ...