Add Static ARP or MAC Binding on Cisco ASA Firewall

edledge Cisco logo

Make: Cisco
: ASA 5506-X, ASA 5506 W-X, ASA 5508-X, Cisco ASA 5500 Series
Mode: GUI [Graphical User Interface] & CLI [Command Line Interface]
Description: In this article, we will discuss the stepwise method of how to add static ARP or MAC address bind on the Cisco ASA Firewall. Here will we discuss both the CLI & GUI method of configuring static arp.


ARP stands for Address Resolution Protocol. It is a communication protocol used for discovering the link-layer address such as a MAC Address, associated with a given internet layer address, typically an IPv4 address. The Address Resolution Protocol uses a simple message format containing one address resolution request or response. The Address Resolution Protocol is a request-response protocol. Its messages are directly encapsulated by a link layer protocol.


GUI [Graphical User Interface] Method

Step1: Login
Log in to the ASA using username and password


Step2: Navigate to ARP
Follow the steps shown below in the image and access the “ARP Static Table“. Go to
Configuration ==> Device Management ==> ARP ==> ARP Static Table


Step3: Add ARP
Add the static ARP, interface, and MAC address. Follow the steps shown below in the image.


Step4: Save
Save the configuration by clicking “Save” to ensure changes are saved.

CLI [Command Line Interface] Method

Step1: Login
SSH onto the ASA Firewall

SSH 10.1

Step2: Add ARP
Use the command shown below to add the static ARP.

edledge-asa#conf t
edledge-asa(config)# arp outside abcd.0000.1234

Step3: Confirmation
Execute the command to confirm the static ARP has been added.

edledge-asa# sh arp
Outside abcd.0000.1234 47
Outside1 abcd.0000.1235 20
Inside abcd.0000.1236 36

Step4: Save
Save the configuration.

edledge-asa# wr
Building configuration...
Cryptochecksum: ab4d2ef8 ad34cfff 0e17d844 d62ab138

162597 bytes copied in 1.680 secs (162597 bytes/sec)

Static APR has added to the ASA or MAC address binding completed.

Other topics on Cisco ASA/Firewall.

SourceCisco, Knowledge Base, Internet


Leave a Reply

Your email address will not be published. Required fields are marked *