Configuring Security
Configuring Dynamic ARP Inspection
STEP 1
STEP 2
STEP 3
STEP 4
Cisco 220 Series Smart Plus Switches Administration Guide Release 1.0.0.x
Interaction Between ARP Inspection and DHCP Snooping
If DHCP Snooping is enabled, ARP Inspection uses the DHCP Snooping Binding
database in addition to the ARP access control rules. If DHCP Snooping is not
enabled, only the ARP access control rules are used.
Table 1 ARP Default
Option
Dynamic ARP Inspection
ARP Packet Validation
ARP Inspection Enabled on
VLAN
Log Buffer Interval
Workflow to configure ARP Inspection
To configure ARP Inspection:
Enable ARP Inspection and configure various options on the Security > ARP
Inspection > Properties page. See
more details.
Configure interfaces as ARP trusted or untrusted on the Security > ARP Inspection
> Interface Settings page. See
for more details.
Define the VLANs on which ARP Inspection is enabled on the Security > ARP
Inspection > VLAN Settings page. See
Settings
for more details.
View ARP Inspection statistical information on the Security > ARP Inspection >
Statistics page. See
Viewing ARP Inspection Statistics
Default State
Disabled
Disabled
Disabled
SYSLOG message generation for dropped
packets is enabled at 5 seconds interval.
Configuring ARP Inspection Properties
Configuring ARP Inspection Trusted Interfaces
Configuring ARP Inspection VLAN
16
for
for more details.
220