Security Measures
164
Instruction Manual - NXA-ENET8-POE+
9.
Click
Apply
.
Configuring an ARP ACL
Use the Security > ACL (Configure ACL - Add Rule - ARP) page to configure ACLs based on ARP message addresses. ARP Inspection
can then use these ACLs to filter suspicious traffic (see the
Configuring Global Settings for ARP Inspection
The following table lists the options on this page:
FIG. 192
Configuring a MAC ACL
Security - ACL Options
Type
Selects the type of ACLs to show in the Name list.
Name
Shows the names of ACLs matching the selected type.
Action
An ACL can contain any combination of permit or deny rules.
Packet Type
Indicates an ARP request, ARP response, or either type. (Range: IP, Request, Response; Default: IP)
Source/Destination IP Address Type
Specifies the source or destination IPv4 address. Use Any to include all possible addresses, Host to
specify a specific host address in the Address field, or IP to specify a range of addresses with the
Address and Mask fields. (Options: Any, Host, IP; Default: Any)
Source/Destination IP Address
Source or destination IP address
Source/Destination IP Subnet Mask
Subnet mask for source or destination address. (See the description for Subnet Mask on
Source/Destination MAC Address
Type
Use Any to include all possible addresses, Host to indicate a specific MAC address, or MAC to
specify an address range with the Address and Mask fields. (Options: Any, Host, MAC; Default: Any)
Source/Destination MAC Address
Source or destination MAC address
Source/Destination MAC Bit Mask
Hexadecimal mask for source or destination MAC address
Log
Logs a packet when it matches the access control entry.