IP Source Guard Configuration Guidelines 237
How to Configure IP Source Guard 238
Enabling IP Source Guard 238
Configuring IP Source Guard for Static Hosts on a Layer 2 Access Port 239
Monitoring IP Source Guard 241
Additional References 242
CHAPTER 14
Configuring Dynamic ARP Inspection 243
Finding Feature Information 243
Restrictions for Dynamic ARP Inspection 243
Understanding Dynamic ARP Inspection 245
Interface Trust States and Network Security 246
Rate Limiting of ARP Packets 247
Relative Priority of ARP ACLs and DHCP Snooping Entries 248
Logging of Dropped Packets 248
Default Dynamic ARP Inspection Configuration 248
Relative Priority of ARP ACLs and DHCP Snooping Entries 249
Configuring ARP ACLs for Non-DHCP Environments 249
Configuring Dynamic ARP Inspection in DHCP Environments 252
Limiting the Rate of Incoming ARP Packets 255
Performing Dynamic ARP Inspection Validation Checks 257
Monitoring DAI 259
Verifying the DAI Configuration 260
Additional References 260
CHAPTER 15
Configuring IEEE 802.1x Port-Based Authentication 263
Finding Feature Information 263
Information About 802.1x Port-Based Authentication 263
Port-Based Authentication Process 264
Port-Based Authentication Initiation and Message Exchange 266
Authentication Manager for Port-Based Authentication 268
Port-Based Authentication Methods 268
Per-User ACLs and Filter-Ids 269
Port-Based Authentication Manager CLI Commands 269
Ports in Authorized and Unauthorized States 270
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
xii OL-29048-01
Contents
To Next Page
Loading...
Need help?
General