3com 5500-ei pwr Installation Instruction

 

2-12 

z 

Enable ARP attack detection based on bindings of authenticated 802.1x clients on the switch to 

prevent ARP attacks.  

Figure 2-6 Network diagram for 802.1x based ARP attack defense 

 

 

# Enter system view.  

<Switch> system-view 

# Enable 802.1x authentication globally. 

[Switch] dot1x 

# Enable ARP attack detection for VLAN 1. 

[Switch] vlan 1 

[Switch-vlan1] arp detection enable 

[Switch-vlan1] quit 

# Configure Ethernet 1/0/2 and Ethernet 1/0/3 as ARP trusted ports. 

[Switch] interface Ethernet 1/0/2 

[Switch-Ethernet1/0/2] arp detection trust 

[Switch-Ethernet1/0/2] quit 

[Switch] interface Ethernet 1/0/3 

[Switch-Ethernet1/0/3] arp detection trust 

[Switch-Ethernet1/0/3] quit 

# Enable ARP attack detection based on IP-to-MAC mappings of authenticated 802.1x clients.  

[Switch] ip source static import dot1x 

# Enable 802.1x on Ethernet 1/0/1.  

[Switch] interface ethernet 1/0/1 

[Switch-Ethernet1/0/1] dot1x