C
HAPTER
14
| Security Measures
Access Control Lists
– 310 –
CONFIGURING AN ARP
ACL
Use the Security > ACL (Configure ACL - Add Rule - ARP) page to configure
ACLs based on ARP message addresses. ARP Inspection can then use these
ACLs to filter suspicious traffic (see "Configuring Global Settings for ARP
Inspection" on page 314).
CLI REFERENCES
◆ "permit, deny (ARP ACL)" on page 696
◆ "show ip access-list" on page 689
◆ "Time Range" on page 545
PARAMETERS
These parameters are displayed:
◆ Type – Selects the type of ACLs to show in the Name list.
◆ Name – Shows the names of ACLs matching the selected type.
◆ Action – An ACL can contain any combination of permit or deny rules.
◆ Packet Type – Indicates an ARP request, ARP response, or either type.
(Range: Request, Response, All; Default: Request)
◆ Source/Destination IP Address Type – Specifies the source or
destination IPv4 address. Use “Any” to include all possible addresses,
“Host” to specify a specific host address in the Address field, or “IP” to
specify a range of addresses with the Address and Mask fields.
(Options: Any, Host, IP; Default: Any)
◆ Source/Destination IP Address – Source or destination IP address.
◆ Source/Destination IP Subnet Mask – Subnet mask for source or
destination address. (See the description for Subnet Mask on
page 304.)
◆ Source/Destination MAC Address Type – Use “Any” to include all
possible addresses, “Host” to indicate a specific MAC address, or “MAC”
to specify an address range with the Address and Mask fields.
(Options: Any, Host, MAC; Default: Any)
◆ Source/Destination MAC Address – Source or destination MAC
address.
◆ Source/Destination MAC Bit Mask – Hexadecimal mask for source
or destination MAC address.
◆ Log – Logs a packet when it matches the access control entry.
To Next Page
Loading...
Need help?
General