Cisco ASA Series Cli Configuration Manual page 147
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Configuring the Transparent or Routed Firewall
Detailed Steps
Command
arp interface_name ip_address mac_address
Example:
hostname(config)# arp outside 10.1.1.1
0009.7cbe.2100
Examples
For example, to allow ARP responses from the router at 10.1.1.1 with the MAC address 0009.7cbe.2100
on the outside interface, enter the following command:
hostname(config)# arp outside 10.1.1.1 0009.7cbe.2100
What to Do Next
Enable ARP inspection according to the
Enabling ARP Inspection
This section describes how to enable ARP inspection.
Detailed Steps
Command
arp-inspection interface_name enable
[flood | no-flood]
Example:
hostname(config)# arp-inspection outside
enable no-flood
Examples
For example, to enable ARP inspection on the outside interface, and to drop all non-matching ARP
packets, enter the following command:
hostname(config)# arp-inspection outside enable no-flood
Configuring ARP Inspection for the Transparent Firewall
Purpose
Adds a static ARP entry.
"Enabling ARP Inspection" section on page
Purpose
Enables ARP inspection.
The flood keyword forwards non-matching ARP packets out all interfaces,
and no-flood drops non-matching packets.
Note
The default setting is to flood non-matching packets. To restrict
ARP through the ASA to only static entries, then set this command
to no-flood.
Cisco ASA Series CLI Configuration Guide
1-11.
1-11
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
