Netgear M5300-28G-POE+ (GSM7228PSv1h2) - 12-Port Managed Gigabit Switch Ratgeber Für Administratoren
Security Management
387
Managed Switches
Now the ARP packets from the static client go through because the client has an entry in
the ARP table. ACL ARP packets from the DHCP client go also through because the
client has a DHCP snooping entry.
the ARP table. ACL ARP packets from the DHCP client go also through because the
client has a DHCP snooping entry.
This command can include the optional static keyword. If the static keyword is given,
packets that do not match a permit statement are dropped without consulting the DHCP
snooping bindings. In this example, ARP packets from the DHCP client are dropped since it
does not have a matching rule, though it has a DHCP snooping entry.
packets that do not match a permit statement are dropped without consulting the DHCP
snooping bindings. In this example, ARP packets from the DHCP client are dropped since it
does not have a matching rule, though it has a DHCP snooping entry.
Web Interface: Configure Static Mapping
1.
Create an ARP ACL.
a. Select Security > Control > Dynamic ARP Inspection > DAI ACL Configuration.
b. In the Name field, enter ArpFilter.
c. Click Add.
A screen similar to the following displays.
2.
Configure a rule to allow the static client.
a. Select Security > Control > Dynamic ARP Inspection > DAI ACL Rule
Configuration.
b. In the ACL Name list, select ArpFilter.
c. In the Source IP Address field, enter 192.168.10.2.
d. In the Source MAC Address field, enter 00:11:85:EE:54:E9.
e. Click Add.
A screen similar to the following displays.