User Validity Check And Arp Packet Validity Check Configuration Example - HP 6125G Configuration Manual
Security configuration guide
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
[SwitchB-luser-test] password simple test
[SwitchB-luser-test] quit
# Enable ARP detection for VLAN 10.
[SwitchB] vlan 10
[SwitchB-vlan10] arp detection enable
# Configure the upstream port as a trusted port and the downstream ports as untrusted ports (a port
is an untrusted port by default).
[SwitchB-vlan10] interface gigabitethernet 1/0/3
[SwitchB-GigabitEthernet1/0/3] arp detection trust
[SwitchB-GigabitEthernet1/0/3] quit
After the preceding configurations are complete, when ARP packets arrive at interfaces
GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, they are checked against 802.1X security
entries.
User validity check and ARP packet validity check
configuration example
Network requirements
Configure Switch B to perform ARP packet validity check and user validity check based on static IP source
guard binding entries and DHCP snooping entries for connected hosts.
Figure 75 Network diagram
Configuration procedure
Add all the ports on Switch B to VLAN 10, and configure the IP address of VLAN-interface 10 on
1.
Switch A. (Details not shown.)
Configure DHCP address pool 0 on Switch A as a DHCP server.
2.
<SwitchA> system-view
[SwitchA] dhcp enable
[SwitchA] dhcp server ip-pool 0
[SwitchA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
245
Advertisement
Table of Contents
Troubleshooting
