Tuesday, November 19, 2024
Latest:

Add Static ARP or MAC Binding on Cisco ASA Firewall

edledge
edledge Cisco logo
Views: 567

Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5506 W-X, ASA 5508-X, Cisco ASA 5500 Series
Mode: GUI [Graphical User Interface] & CLI [Command Line Interface]
Description: In this article, we will discuss the stepwise method of how to add static ARP or MAC address bind on the Cisco ASA Firewall. Here will we discuss both the CLI & GUI method of configuring static arp.

Introduction

ARP stands for Address Resolution Protocol. It is a communication protocol used for discovering the link-layer address such as a MAC Address, associated with a given internet layer address, typically an IPv4 address. The Address Resolution Protocol uses a simple message format containing one address resolution request or response. The Address Resolution Protocol is a request-response protocol. Its messages are directly encapsulated by a link layer protocol.

Configuration

GUI [Graphical User Interface] Method

Step1: Login
Log in to the ASA using username and password

ASA ASDM Login

Knowledge_Check_Cisco_01

1 / 5

What are the two types of packet capture in Cisco ASA?

2 / 5

What is the default buffer size of Cisco ASA PCAP?

3 / 5

How many interfaces in Cisco ASA can have same route map?

4 / 5

Does Cisco ASA supports PPPoE link?

5 / 5

How many 10 Gig ports are available in Cisco 5508-X ASA?

Your score is

The average score is 0%

0%

Step2: Navigate to ARP
Follow the steps shown below in the image and access the “ARP Static Table“. Go to
Configuration ==> Device Management ==> ARP ==> ARP Static Table

cisco_asa_arp_table

Step3: Add ARP
Add the static ARP, interface, and MAC address. Follow the steps shown below in the image.

cisco_asa_add_static_arp

Step4: Save
Save the configuration by clicking “Save” to ensure changes are saved.

CLI [Command Line Interface] Method

Step1: Login
SSH onto the ASA Firewall

SSH 10.1

Step2: Add ARP
Use the command shown below to add the static ARP.

edledge-asa#
edledge-asa#conf t
edledge-asa(config)# arp outside 10.1.1.1 abcd.0000.1234

Step3: Confirmation
Execute the command to confirm the static ARP has been added.

edledge-asa# sh arp
Outside 10.1.1.1 abcd.0000.1234 47
Outside1 10.1.1.1 abcd.0000.1235 20
Inside 10.1.1.1 abcd.0000.1236 36

Step4: Save
Save the configuration.

edledge-asa# wr
Building configuration...
Cryptochecksum: ab4d2ef8 ad34cfff 0e17d844 d62ab138

162597 bytes copied in 1.680 secs (162597 bytes/sec)
[OK]
edledge-asa#

Static APR has added to the ASA or MAC address binding completed.

Other topics on Cisco ASA/Firewall.

SourceCisco, Knowledge Base, Internet

EA00119

Leave a Reply

Your email address will not be published. Required fields are marked *