Deny (Arp Access-List Configuration) - Cisco Catalyst 3750-X Command Reference Manual

Cisco ios release 15.2(1)e and later

Hide thumbs Also See for Catalyst 3750-X:

Software configuration manual (1438 pages)

Message manual (150 pages)

Getting started manual (22 pages)

page of 1244

/ 1244
Contents
Table of Contents
Bookmarks

Table of Contents

Catalyst 3750-X and 3560-X Switch Cisco IOS Commands

deny (ARP access-list configuration)

Use the deny Address Resolution Protocol (ARP) access-list configuration command on the switch stack

or on a standalone switch to deny an ARP packet based on matches against the DHCP bindings. Use the

no form of this command to remove the specified access control entry (ACE) from the access list.

This command is available only if your switch is running the IP services feature set.

Syntax Description

host sender-ip

sender-ip sender-ip-mask

host sender-mac

sender-mac-mask

host target-ip

target-ip target-ip-mask

host target-mac

target-mac-mask

There are no default settings. However, at the end of the ARP access list, there is an implicit deny ip any

mac any command.

Command Modes

ARP access-list configuration

deny {[request] ip {any | host sender-ip | sender-ip sender-ip-mask} mac {any | host sender-mac

| sender-mac sender-mac-mask} | response ip {any | host sender-ip | sender-ip sender-ip-mask}

[{any | host target-ip | target-ip target-ip-mask}] mac {any | host sender-mac | sender-mac

sender-mac-mask} [{any | host target-mac | target-mac target-mac-mask}]} [log]

no deny {[request] ip {any | host sender-ip | sender-ip sender-ip-mask} mac {any | host

sender-mac | sender-mac sender-mac-mask} | response ip {any | host sender-ip | sender-ip

sender-ip-mask} [{any | host target-ip | target-ip target-ip-mask}] mac {any | host sender-mac

| sender-mac sender-mac-mask} [{any | host target-mac | target-mac target-mac-mask}]} [log]

(Optional) Define a match for the ARP request. When request is not

specified, matching is performed against all ARP packets.

Specify the sender IP address.

Deny any IP or MAC address.

Deny the specified sender IP address.

Deny the specified range of sender IP addresses.

Deny the sender MAC address.

Deny a specific sender MAC address.

Deny the specified range of sender MAC addresses.

Define the IP address values for the ARP responses.

Deny the specified target IP address.

Deny the specified range of target IP addresses.

Deny the MAC address values for the ARP responses.

Deny the specified target MAC address.

Deny the specified range of target MAC addresses.

(Optional) Log a packet when it matches the ACE.

deny (ARP access-list configuration)

Catalyst 3750-X and 3560-X Switch Command Reference

Catalyst 3560-x

Deny (Arp Access-List Configuration) - Cisco Catalyst 3750-X Command Reference Manual

deny (ARP access-list configuration)

Related Manuals for Cisco Catalyst 3750-X

Related Content for Cisco Catalyst 3750-X

This manual is also suitable for:

Table of Contents