Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4 464
26
- Inherited—Inherit value from VLAN or system default (disabled).
- No Verification—Disables verification of the security level.
- User Defined—Specify the security level of the message to be forwarded.
• Validate Source MAC—Specify whether to globally enable checking source MAC
address against the link-layer address:
- Inherited—Inherit value from VLAN or system default (disabled).
- Enable—Enable checking source MAC address against the link-layer address.
- Disable—Disable checking source MAC address against the link-layer address.
STEP 6 Click Apply to add the settings to the Running Configuration file.
STEP 7 To attach this policy to an interface:
• Attach Policy to VLAN—Click to jump to Policy Attachment (VLAN) page where
you can attach this policy to a VLAN.
• Attach Policy to Interface—Click to jump to Policy Attachment (Port) page where you
can attach this policy to a port.
Neighbor Binding Settings
The Neighbor Binding table is a database table of IPv6 neighbors connected to a device is
created from information sources, such as Neighbor Discovery Protocol (NDP) snooping. This
database, or binding, table is used by various IPv6 guard features to prevent spoofing and
redirect attacks.
Use the Neighbor Binding Settings page to enable the Neighbor Binding feature on a specified
group of VLANs and to set the global configuration values for this feature. If required, a
policy can be added or the system-defined default Neighbor Binding policies can be
configured in this page.
To configure Neighbor Binding:
STEP 1 Click Security > IPv6 First Hop Security > Neighbor Binding Settings.
STEP 2 Enter the following global configuration fields:
• Neighbor Binding VLAN List—Enter one or more VLANs on which Neighbor
Binding is enabled.
To Next Page
Loading...
