Configuring Ip Source Guard Work Flow; Enabling Ip Source Guard - Cisco SF500-24 Administration Manual
500 series stackable managed switch
Hide thumbs
Also See for SF500-24:
- Quick start manual (72 pages) ,
- Administration manual (548 pages) ,
- Quick start manual (25 pages)
Table of Contents
Advertisement
Configuring Security
IP Source Guard
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
STEP 6
STEP 1
STEP 2
Cisco 500 Series Stackable Managed Switch Administration Guide
•
DHCP packets allowed by DHCP Snooping are permitted.
•
If source IP address filtering is enabled:
-
IPv4 traffic: Only traffic with a source IP address that is associated with
the port is permitted.
-
Non IPv4 traffic: Permitted (Including ARP packets).
Configuring IP Source Guard Work Flow
To configure IP Source Guard:
Enable DHCP Snooping in the IP Configuration > DHCP > Properties page or in
the Security > DHCP Snooping > Properties page.
Define the VLANs on which DHCP Snooping is enabled in the IP Configuration >
DHCP > Interface Settings page.
Configure interfaces as trusted or untrusted in the IP Configuration > DHCP >
DHCP Snooping Interface page.
Enable IP Source Guard in the Security > IP Source Guard > Properties page.
Enable IP Source Guard on the untrusted interfaces as required in the Security >
IP Source Guard > Interface Settings page.
View entries to the Binding database in the Security > IP Source Guard > Binding
Database page.
Enabling IP Source Guard
To enable IP Source Guard globally:
Click Security > IP Source Guard > Properties. The Properties page is
displayed.
Select Enable to enable IP Source Guard globally.
18
339
Hide quick links:
Advertisement
Table of Contents
