Configuration Guide Configuring Gateway-targeted ARP Spoofing Prevention
from User A to the gateway during communication will be sent to User B. In this way, User A's communications are
intercepted, thereby causing ARP spoofing.
Overview
#_Gateway-targete
d ARP Spoofing
Prevention
Blocks ARP spoofing packets with forged gateway address and intranet server IP addresses to
ensure that users can access the Internet.
6.3.1 Gateway-targeted ARP Spoofing Prevention
Working Principle
Gateway-targeted Spoofing Prevention
Gateway-targeted ARP spoofing prevention effectively prevents ARP spoofing aimed at gateways by checking on the
logical port whether the source IP addresses of ARP packets are the self-configured gateway IP addresses. If an ARP packet
uses the gateway address as the source IP address, the packet will be discarded to prevent users from receiving wrong ARP
response packets. If not, the packet will not be handled. In this way, only the devices connected to the switch can send ARP
packets, and the ARP response packets sent from the other PCs which pass for the gateway are filtered by the switch.
Related Configuration
Configuring Gateway-targeted Spoofing Prevention Addresses
By default, no gateway-targeted ARP spoofing prevention address is configured.
Run the anti-arp-spoofing ip command to configure the gateway-targeted ARP spoofing prevention addresses.
6.4 Configuration
#_Configuring Basic
PIM-SM Functions_1
Configures gateway-targeted ARP spoofing
prevention on the logical port and specifies
the gateway IP address.
6.4.1 Configuring Gateway-targeted Spoofing Prevention
Configuration Effect
Enable gateway-targeted ARP spoofing prevention.
Configuration Steps
To Next Page
Loading...
Need help?
General
