R3166-R3206-HP High-End Firewalls Attack Protection Configuration Guide-6PW101
35
To do… Use the command…
Remarks
Return to system view quit —
NOTE:
• IP addresses already existent in ARP entries are not scanned.
• ARP automatic scanning may take some time. To stop an ongoing scan, press Ctrl + C. Dynamic ARP
entries are created based on ARP replies received before the scan is terminated.
Configuring fixed ARP
Introduction to fixed ARP
This feature allows the firewall to convert dynamic ARP entries into static ones.
Configuring fixed ARP in the web interface
NOTE:
• Only dynamic ARP entries learnt on Layer 3 Ethernet interfaces, Layer 3 Ethernet subinterfaces, and
VLAN interfaces can be converted into static ones.
• The static ARP entries resulting from conversion are the same with those manually configured.
• The number of dynamic ARP entries that can be converted into static ones is limited by the number of
static ARP entries supported on the firewall. Some dynamic ARP entries may not be converted to static
ones due to the limit.
• The fixin
g
process may take some time, durin
g
which some dynamic entries may be added or a
g
ed out.
The newly added dynamic entries will be fixed and the aged ones will not.
Select Firewall > ARP Anti-Attack > Fix from the navigation tree to enter the fixed ARP configuration page,
as shown in Figure 30. The page lists all st
atic ARP entries, including manually configured ones and fixed
ones, and all dynamic ARP entries.
Figure 30 Fixed ARP page
• Click Fix All to convert all dynamic ARP entries to static ones.
• Click Del All Fixed to delete all static ARP entries.