ProSafe M4100 and M7100 Managed Switches

3.Configure ARP ACL used for VLAN 1.

(Netgear Switch) (Config)# ip arp inspection filter ArpFilter vlan 1

4.Now the ARP packets from the static client will go through since it has an entry in the ARP. ACL ARP packets from the DHCP client is also through since it has a DHCP snooping entry.

This command can include the optional static keyword. If the static keyword is given, packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings. In this example, ARP packets from the DHCP client are dropped since it does not have a matching rule, though it has a DHCP snooping entry.

Web Interface: Configure Static Mapping

1.Create an ARP ACL.

a.Select Security > Control > Dynamic ARP Inspection > DAI ACL Configuration.

b.In the Name field, enter ArpFilter.

c.Click Add.

A screen similar to the following displays.

2.Configure a rule to allow the static client.

a.Select Security > Control > Dynamic ARP Inspection > DAI ACL Rule Configuration.

b.In the ACL Name list, select ArpFilter.

c.In the Source IP Address field, enter 192.168.10.2.

d.In the Source MAC Address field, enter 00:11:85:EE:54:E9.

e.Click Add.

304 Chapter 15. Security Management

Page 304
Image 304
NETGEAR M7100 Web Interface Configure Static Mapping, Configure ARP ACL used for Vlan, ACL Name list, select ArpFilter