05-16-2022 06:29 AM
Team,
Are there any security configurations that can be done on a Cisco switch that will prevent a VM hosted on an internal network from hijacking the Gateway IP assigned to the VLAN on the switch?
Thanks!
N.
05-16-2022 06:38 AM - edited 05-16-2022 06:39 AM
Yes ARP inception.
the ARP inception check if VM host send GARP to other HOST inform all that I am new GW, the SW will drop this packet and prevent this case.
05-16-2022 07:59 AM - edited 05-16-2022 07:59 AM
Hi MHM, sorry that I missed adding that this is a Cisco Nexus switch.
Will this still work?
05-16-2022 08:33 AM - edited 05-16-2022 10:27 AM
Yes sure
what nexus you have nexus 3000 or 5000?
05-17-2022 01:07 AM
Hi MHM,
This is a Nexus 7000 in vPC.
Thanks.
05-17-2022 03:34 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide