C
HAPTER
13
| Security Measures
ARP Inspection
– 374 –
WEB INTERFACE
To configure global settings for ARP Inspection:
1. Click Security, ARP Inspection.
2. Select Configure General from the Step list.
3. Enable ARP inspection globally, enable any of the address validation
options, and adjust any of the logging parameters if required.
4. Click Apply.
Figure 202: Configuring Global Settings for ARP Inspection
CONFIGURING
VLAN SETTINGS FOR
ARP INSPECTION
Use the Security > ARP Inspection (Configure VLAN) page to enable ARP
inspection for any VLAN and to specify the ARP ACL to use.
CLI REFERENCES
â—† "ARP Inspection" on page 924
COMMAND USAGE
ARP Inspection VLAN Filters (ACLs)
â—† By default, no ARP Inspection ACLs are configured and the feature is
disabled.
â—† ARP Inspection ACLs are configured within the ARP ACL configuration
page (see page 365).
â—† ARP Inspection ACLs can be applied to any configured VLAN.
â—† ARP Inspection uses the DHCP snooping bindings database for the list
of valid IP-to-MAC address bindings. ARP ACLs take precedence over
entries in the DHCP snooping bindings database. The switch first
compares ARP packets to any specified ARP ACLs.
â—† If Static is specified, ARP packets are only validated against the
selected ACL – packets are filtered according to any matching rules,
To Next Page
Loading...
Need help?
General
