Prerequisites
Before you can configure IP Source Guard, you must ensure the following:
- Dynamic Host Control Protocol (DHCP) snooping is globally enabled.
For more information about, see Configuring DHCP snooping globally using EDM.
- The port is a member of a Virtual LAN (VLAN) configured with DHCP snooping and dynamic Address Resolution Protocol (ARP) Inspection.
- The port is an untrusted DHCP snooping and dynamic ARP Inspection port.
- A minimum of 10 rules are available on the port.
- The bsSourceGuardConfigMode MIB object exists.
This MIB object is used to control the IP Source Guard mode on an interface.
- The following applications are not enabled:
- IP Fix
- Extensible Authentication Protocol over LAN (EAPoL)