Address Resolution Protocol (ARP) Inspection VLAN Settings Configuration on Sx500 Series Stackable Switches

Available Languages

Download Options

PDF (354.6 KB)
View with Adobe Reader on a variety of devices
ePub (399.4 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (168.8 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 11, 2018

Document ID:SMB3322

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Address Resolution Protocol (ARP) Inspection VLAN Settings Configuration on Sx500 Series Stackable Switches

Objectives

Address Resolution Protocol (ARP) is used to map IP addresses to MAC addresses. ARP inspection is used to protect a network from ARP attacks. It compares the IP and MAC address of a packet to the IP and MAC addresses defined on the ARP Access Control Rules page. The packet is forwarded if the addresses match. ARP inspection is only performed on interfaces that are defined as untrusted.

The VLAN Settings page is used to enable ARP inspection on VLANs and associate access control rules with VLANs.

For the ARP Inspection to function properly the following configurations need to be completed in the same order as given below:

1. ARP Inspection Properties. Please refer to the article, Address Resolution Protocol (ARP) Inspection Properties Configuration on Sx500 Series Stackable Switches.
2. Configure Interface Settings. Please refer to the article, ARP Inspection Interface Settings on Sx500 Series Stackable Switches for this configuration.
3. Configure Access Control and Access Control rules. Please refer to the article, Configuration of ARP Access Control and Access Control Rules on Sx500 Series Stackable Switches for this configuration.
4. Configure VLAN Settings. Please refer to the article, Address Resolution Protocol (ARP) Inspection VLAN Settings Configuration on Sx500 Series Stackable Switches for this configuration

This article explains how to configure ARP inspection VLAN settings on the Sx500 Series Stackable Switches.

Applicable Devices

• Sx500 Series Stackable Switches

VLAN Settings

Step 1. Log in to the switch configuration utility and choose Security > ARP Inspection > VLAN Settings. The VLAN Settings page opens:

Enable ARP Inspection on VLANs

Step 1. Click on the desired VLAN under the Available VLANs field.

Step 2. Click > to move the specified VLAN to the Enabled VLANs field. This enables ARP inspection on the specified VLAN.

Step 3. Click Apply.

Disable ARP Inspection on VLANs

Step 1. Click on the desired VLAN under the Enabled VLANs field.

Step 2. Click < to move the specified VLAN to the Available VLANs field. This disables ARP inspection on the specified VLAN.

Step 3. Click Apply.

Associate ARP Access Control Group to VLAN

Step 1. Click Add. The Add ARP Access Control Name window opens:

Step 2. From the VLAN drop-down list choose a VLAN that you want to assign an access control to.

Step 3. From the ARP Access Control Name drop-down list choose the access control that you want to associate to the specified VLAN.

Note: ARP Access Control Names can be created on the ARP Access Control page.

Step 4. Click Apply.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)