Security Management
337
Managed Switches
6. Configure port 1/0/1 as trusted.
a. Select Security > Control > Dynamic ARP Inspection > DAI Interface
Configuration.
b. Select the Interface 1/0/1 check box.
c. For the Trust Mode, select Enable.
d. Click Apply.
A screen similar to the following displays.
Now ARP packets from the DHCP client will go through; however ARP packets from the
static client are dropped, since it does have a DHCP snooping entry. It can be overcome by
static configuration as described in the following section, Static Mapping on page 337.
Static Mapping
The example is shown as CLI commands and as a web interface procedure.
CLI: Configure Static Mapping
1. Create an ARP ACL.
2. Configure the rule to allow the static client.
3. Configure ARP ACL used for VLAN 1.
(Netgear Switch) (Config)# arp access-list ArpFilter
(Netgear Switch) (Config-arp-access-list)# permit ip host 192.168.10.2
mac host 00:11:85:ee:54:e9
(Netgear Switch) (Config)# ip arp inspection filter ArpFilter vlan 1
To Next Page
Loading...
