Firewall configuration, Anti arp spoofing, Adding ip-mac binding entries – TP-Link Omada ER8411 VPN Router User Manual

Configuring Firewall

Firewall Configuration

User Guide 107

2

Firewall Configuration

In Firewall module, you can configure the following features:

■

Anti ARP Spoofing

■

Attack Defense

■

MAC Filtering

■

Access Control

2.1 Anti ARP Spoofing

To complete Anti ARP Spoofing configuration, there are two steps. First, add IP-MAC

Binding entries to the IP-MAC Binding List. Then enable Anti ARP Spoofing for these

entries.

Note:

In case Anti ARP Spoofing causes access problems to the currently connected devices, we

recommend that you add and verify the IP-MAC Binding entries first before enabling Anti ARP

Spoofing.

2.1.1 Adding IP-MAC Binding Entries

You can add IP-MAC Binding entries in two ways: manually and via ARP scanning.

■

Adding IP-MAC Binding Entries Manually

You can manually bind the IP address, MAC address and interface together on the

condition that you have got the related information of the hosts on the network.

■

Adding IP-MAC Binding Entries via ARP Scanning

With ARP Scanning, the router sends the ARP request packets with the specific IP field to

the hosts. Upon receiving the ARP reply packet, the router can get the IP address, MAC

address and connected interface of the host.
The following sections introduce these two methods in detail.