[an error occurred while processing this directive] [an error occurred while processing this directive]

Enabling Dynamic ARP Inspection (CLI Procedure)

Dynamic ARP inspection (DAI) protects EX Series switches against ARP spoofing. DAI inspects ARP packets on the LAN and uses the information in the DHCP snooping database on the switch to validate ARP packets and to protect against ARP cache poisoning.

You configure DAI for each VLAN, not for each interface (port). By default, DAI is disabled for all VLANs.

    To enable dynamic ARP inspection (DAI) on a VLAN or all VLANs using the CLI:

    • On a single VLAN (here, the VLAN is employee-vlan):

      [edit ethernet-switching-options secure-access-port]
      user@switch# set vlan employee-vlan arp-inspection
    • On all VLANs:

      [edit ethernet-switching-options secure-access-port]
      user@switch# set vlan all arp-inspection

      Published: 2009-07-23

      [an error occurred while processing this directive]