User's Manual
Security
ARP Inspection
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  377
18
STEP 1 Click Security > ARP Inspection > Properties.
Enter the following fields:
• ARP Inspection Status—Select to enable ARP Inspection.
• ARP Packet Validation—Select to enable the following validation checks:
- Source MAC — Compares the packets source MAC address in the 
Ethernet header against the senders MAC address in the ARP request. 
This check is performed on both ARP requests and responses.
- Destination MAC — Compares the packets destination MAC address in 
the Ethernet header against the destination interfaces MAC address. This 
check is performed for ARP responses.
- IP Addresses — Compares the ARP body for invalid and unexpected IP 
addresses. Addresses include 0.0.0.0, 255.255.255.255, and all IP 
Multicast addresses. 
• Log Buffer Interval—Select one of the following options:
- Retry Frequency—Enable sending SYSLOG messages for dropped 
packets. Entered the frequency with which the messages are sent.
- Never—Disabled SYSLOG dropped packet messages.
STEP  2 Click Apply. The settings are defined, and the Running Configuration file is 
updated.
Defining Dynamic ARP Inspection Interfaces Settings
Packets from untrusted ports/LAGs are checked against the ARP Access Rules 
table and the DHCP Snooping Binding database if DHCP Snooping is enabled (see 
the DHCP Snooping Binding Database page).
By default, ports/LAGs are ARP Inspection untrusted.
To change the ARP trusted status of a port/LAG: 
STEP 1 Click Security > ARP Inspection > Interface Settings.
The ports/LAGs and their ARP trusted/untrusted status are displayed.
STEP  2 To set a port/LAG as untrusted, select the port/LAG and click Edit.










