Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1191
Views
0
Helpful
1
Replies

IP ARP Inspection in non-DHCP environment

Mirza Arsalan Baig
Level 1
Level 1

‎02-04-2011 01:38 AM - edited ‎03-06-2019 03:21 PM

Hi,

I have implemented "arp inspection" on LAN. We have around thousand users in VLAN 100 (diagram attached) and the reason I have implemented "arp inspection" besides arp spoofing to bound clients/users to not change their ip addresses and machines/mac-addresses.

In ARP INSPECTION ACL I have added clients who are behind the router and bind them against single mac-address. (I hope diagram will help you to understand the scenario).

At my end (in real scenario) ARP ACL performing perfectly for those who are in VLAN 100, but performaing abnormally with those who are behind the router.I have not added those clients in ARP ACL but still those clients are working fine.

My question is, does users (behind the router) must be required to added in ARP ACL? In my lab it blocked all the traffic of those clients who are behind the router until I need to added them in ARP ACL.

I am using 3550 with "c3550-ipservicesk9-mz.122-25.SEB4.bin".

Please feel free to ask if you have any query

Many thanks in advance.

Best Regards,

Arsalan

Labels:
Preview file
88 KB
0 Helpful
1 Reply 1

Mirza Arsalan Baig
Level 1
Level 1

‎02-07-2011 09:29 PM

Please reply.

Regards,

Arsalan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card