Configuring an arp acl – Microsens MS453490M Management Guide User Manual

C

HAPTER

14

| Security Measures

Access Control Lists

– 310 –

C

ONFIGURING

AN

ARP

ACL

Use the Security > ACL (Configure ACL - Add Rule - ARP) page to configure

ACLs based on ARP message addresses. ARP Inspection can then use these

ACLs to filter suspicious traffic (see

"Configuring Global Settings for ARP

Inspection" on page 314

).

CLI R

EFERENCES

◆

"permit, deny (ARP ACL)" on page 696

◆

"show ip access-list" on page 689

◆

"Time Range" on page 545

P

ARAMETERS

These parameters are displayed:

◆

Type – Selects the type of ACLs to show in the Name list.

◆

Name – Shows the names of ACLs matching the selected type.

◆

Action – An ACL can contain any combination of permit or deny rules.

◆

Packet Type – Indicates an ARP request, ARP response, or either type.

(Range: Request, Response, All; Default: Request)

◆

Source/Destination IP Address Type – Specifies the source or

destination IPv4 address. Use “Any” to include all possible addresses,

“Host” to specify a specific host address in the Address field, or “IP” to

specify a range of addresses with the Address and Mask fields.

(Options: Any, Host, IP; Default: Any)

◆

Source/Destination IP Address – Source or destination IP address.

◆

Source/Destination IP Subnet Mask – Subnet mask for source or

destination address. (See the description for Subnet Mask on

page 304

.)

◆

Source/Destination MAC Address Type – Use “Any” to include all

possible addresses, “Host” to indicate a specific MAC address, or “MAC”

to specify an address range with the Address and Mask fields.

(Options: Any, Host, MAC; Default: Any)

◆

Source/Destination MAC Address – Source or destination MAC

address.

◆

Source/Destination MAC Bit Mask – Hexadecimal mask for source

or destination MAC address.

◆

Log – Logs a packet when it matches the access control entry.