Figure 195: Configuring a MAC ACL
Use the Security > ACL (Configure ACL - Add Rule - ARP) page to configure
C
ONFIGURING
ACLs based on ARP message addresses. ARP Inspection can then use these
ARP ACL
AN
ACLs to filter suspicious traffic (see
Inspection" on page
CLI R
EFERENCES
"permit, deny (ARP ACL)" on page 990
◆
"show ip access-list" on page 976
◆
"Time Range" on page 782
◆
P
ARAMETERS
These parameters are displayed:
Type – Selects the type of ACLs to show in the Name list.
◆
Name – Shows the names of ACLs matching the selected type.
◆
Action – An ACL can contain any combination of permit or deny rules.
◆
Packet Type – Indicates an ARP request, ARP response, or either type.
◆
(Range: IP, Request, Response; Default: IP)
Source/Destination IP Address Type – Specifies the source or
◆
destination IPv4 address. Use "Any" to include all possible addresses,
"Host" to specify a specific host address in the Address field, or "IP" to
specify a range of addresses with the Address and Mask fields.
(Options: Any, Host, IP; Default: Any)
◆
Source/Destination IP Address – Source or destination IP address.
C
"Configuring Global Settings for ARP
376).
– 369 –
| Security Measures
13
HAPTER
Access Control Lists