Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
465 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
26
• Device Role—Displays the device global default role (Perimeter).
• Neighbor Binding Lifetime—Enter the length of time that addresses remain in the
Neighbor Bindings table.
• Neighbor Binding Logging—Select to enable logging of Neighbor Binding table main
events.
• Address Prefix Validation—Select to enable IPv6 Source Guard validation of
addresses.
Global Address Binding Configuration:
• Binding from NDP Messages—To change the global configuration of allowed
configuration methods of global IPv6 addresses within an IPv6 Neighbor Binding
policy, select one of the following options:
- Any—Any configuration methods (stateless and manual) are allowed for global
IPv6 bound from NDP messages
- Stateless—Only stateless auto configuration is allowed for global IPv6 bound from
NDP messages.
- Disable—Binding from NDP messages is disabled.
• Binding from DHCPv6 Messages—Binding from DHCPv6 is allowed.
Neighbor Binding Entry Limits—Specify the maximum number of Neighbor Binding
entries per type of interface or address:
• Entries Per VLAN—Specifies the neighbor binding limit per VLAN. Select either No
Limit or enter a User Defined value.
• Entries Per Interface—Specifies the neighbor binding limit per interface. Select either
No Limit or enter a User Defined value.
• Entries Per MAC Address—Specifies the neighbor binding limit per MAC address.
Select either No Limit or enter a User Defined value.
STEP 3 Click Apply to add the settings to the Running Configuration file.
STEP 4 If required, click Add to create a Neighbor Binding policy.
STEP 5 Enter the following fields:
• Policy Name—Enter a user-defined policy name.
• Device Role—Select one of the following options to specify the role of the device
attached to the port for the Neighbor Binding policy.
To Next Page
Loading...
