Manualshelf

HP VPN Firewall Appliances Attack Protection Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
41424344454647484950
45
Views
System view
Default command level
2: System level
Usage guidelines
After you execute the arp anti-attack valid-check enable command, the gateway device can filter out
ARP packets with the source MAC address in the Ethernet header different from the sender MAC address
in the ARP message.
Examples
# Enable ARP packet source MAC address consistency check.
<Sysname> system-view
[Sysname] arp anti-attack valid-check enable
ARP active acknowledgement configuration
commands
The following matrix shows the feature and hardware compatibility:
Hardware Com
p
atibilit
y
F1000-A-EI/F1000-S-EI Yes
F1000-E No
F5000 No
F5000-S/F5000-C No
VPN firewall modules No
20-Gbps VPN firewall modules No
arp anti-attack active-ack enable
Use arp anti-attack active-ack enable to enable the ARP active acknowledgement function.
Use undo arp anti-attack active-ack enable to restore the default.
Syntax
arp anti-attack active-ack enable
undo arp anti-attack active-ack enable
Default
The ARP active acknowledgement function is disabled.
Views
System view