5-11
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 5 Configuring the Transparent or Routed Firewall
Customizing the MAC Address Table for the Transparent Firewall
Note The Management 0/0 or 0/1 interface or subinterface, if present, never floods packets even if this
parameter is set to flood.
Step 5 Click OK, and then Apply.
Feature History for ARP Inspection
Table 5-2 lists the release history for this feature.
Customizing the MAC Address Table for the Transparent
Firewall
This section describes the MAC address table and includes the following topics:
• Information About the MAC Address Table, page 5-11
• Licensing Requirements for the MAC Address Table, page 5-12
• Default Settings, page 5-12
• Guidelines and Limitations, page 5-12
• Configuring the MAC Address Table, page 5-13
• Feature History for the MAC Address Table, page 5-14
Information About the MAC Address Table
The adaptive security appliance learns and builds a MAC address table in a similar way as a normal
bridge or switch: when a device sends a packet through the adaptive security appliance, the adaptive
security appliance adds the MAC address to its table. The table associates the MAC address with the
source interface so that the adaptive security appliance knows to send any packets addressed to the
device out the correct interface.
The ASA 5505 adaptive security appliance includes a built-in switch; the switch MAC address table
maintains the MAC address-to-switch port mapping for traffic within each VLAN. This section discusses
the bridge MAC address table, which maintains the MAC address-to-VLAN interface mapping for traffic
that passes between VLANs.
Table 5-2 Feature History for ARP Inspection
Feature Name Releases Feature Information
ARP inspection
7.0(1) ARP inspection compares the MAC address, IP address, and
source interface in all ARP packets to static entries in the
ARP table.
The following commands were introduced: arp,
arp-inspection, and show arp-inspection.
To Next Page
Loading...
Need help?
General
