Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
433
Views
0
Helpful
2
Replies

Stolen Default Gateway IP

m.deangelo
Level 1
Level 1

‎01-27-2004 11:30 AM - edited ‎03-02-2019 01:11 PM

Is there any configuration to prevent the potential impact of somebody taking the default gateway IP and configuring it on a device on the same vlan/network. As devices learn of this new default gateway mac there will be traffic that gets black holed.

Labels:
0 Helpful
2 Replies 2

gleithner
Level 1
Level 1

‎01-27-2004 01:36 PM

not that I know of.

If we're talking a new device, you could use 802.1X or mac-security on the switch port.

As for devices already on the vlan, use an OS that can lock out users from the network settings.

As for the affect, it would be gradual unless a large number of pc's fired up at the same time. PC's already using the current default gateway would keep using it, dependent on usage and arp timeouts of course. Should be enough time to jump on the issue before it gets out of hand.

0 Helpful

tbaranski
Level 4
Level 4

‎01-27-2004 05:04 PM

Dynamic ARP Inspection was introduced recently to help with this problem: http://www.cisco.com/en/US/products/hw/switches/ps4324/products_configuration_guide_chapter09186a00801cddb9.html

I don't know what other platforms support it.

0 Helpful
Customers Also Viewed These Support Documents