Reference Guide
Dynamic ARP Inspection 427
Trusted Interfaces
Interfaces are untrusted if the packet is received from an interface outside the
network or from an interface beyond the network firewall. Trusted interfaces
receive packets only from within the network or the network firewall.
To configure an interface to be trusted:
1
Click
Switching
Dynamic ARP Inspection
Trusted Interfaces
in the
tree view to display the
Trusted Interfaces: Summary
page.
The ports and their trusted status are displayed.
2
To modify the status of an interface, click
Edit.
3
Select the interface and enable/disable its
Trust Status
, which is the
DHCP Snooping Trust mode.
Configuring Trusted Interfaces Using CLI Commands
The following table summarizes the CLI commands for configuring the fields
in the
Trusted Interface pages.
The following is an example of some of the CLI commands:
Table 19-5. Configuring Trusted Interface Parameters CLI Commands
CLI Command Description
ip arp inspection trust
no ip arp inspection trust
Configures an interface trust state that
determines if incoming ARP packets are
inspected.
Use the no form of this command to
restore the default configuration.
show ip arp inspection
[interface-id]
Displays the ARP inspection configuration
for all interfaces or a specific interface.
console(config)# interface gi0/3
console(config-if)# ip arp inspection trust