HPE Community
Aruba & ProVision-based
1753521 Members
5252 Online
108795 Solutions
New Discussion юеВ

Re: HP Procurve 2920 ARP-PROTECT Issue

 
faisalraza
Occasional Visitor

тАО05-10-2017 01:42 AM

тАО05-10-2017 01:42 AM

HP Procurve 2920 ARP-PROTECT Issue

Hi All,

I am new to HP ProCurve switches, we have just bought 4 HP ProCurve J9727A Sws. I've deployed dynamic VLANs with Active Directory and NPS server. Also enable DHCP Snooping. But now I've an issue in ARP-PROTECT. When I enable this feature the network gets down. 

In my scenario I've the following VLANs.

 

VLAN 1 (Default) for Wireless Users.

VLAN 10 for Guest Network

VLAN 11 for DMZ

VLAN 12 for Servers

VLAN 13 for MPLS for WAN

VLAN 14 for Switches

VLAN 15 for Voice / IP Phone

VLAN 16 for Untrust Finger Print devices

VLAN 17 through 22 for departments.

My UP Link ports are 23-24

 

Can anyone help me by giving commands to apply for maximum security. 

 

Thanks

Regards

Faisal

0 Kudos
2 REPLIES 2
Vince-Whirlwind
Honored Contributor

тАО05-10-2017 07:07 PM

тАО05-10-2017 07:07 PM

Re: HP Procurve 2920 ARP-PROTECT Issue

Did you configure ports 23-24 as trusted ports?

Did you add in any non-DHCP IP addresses to the static bindings on each switch?

Did you verify each switch's static bindings to see what is in them?

0 Kudos
faisalraza
Occasional Visitor

тАО05-10-2017 11:38 PM

тАО05-10-2017 11:38 PM

Re: HP Procurve 2920 ARP-PROTECT Issue

++  Vince-Whirlwind

 

Thanks for your kind reply. I can share with you the configurations if you can give me your meail or shall I send you in private ?

I did configure the trunk ports are trusted. 

There's no static binding for non DHCP.

I didn't verify the static bindings. I simply applied the following configuration in switches. Also the DHCP Snooping is already enabled with the trusted ports.

SW1
arp-protect
arp-protect trust 19,20-24
arp-protect vlan 1-30

SW2
arp-protect
arp-protect trust 22-24
arp-protect vlan 1-30

SW3
arp-protect
arp-protect trust 23-24
arp-protect vlan 1-30

SW4
arp-protect
arp-protect trust 23-24
arp-protect vlan 1-30

Please advise what further command to be run.

Regards.

Faisal

 

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.