How to prevent intranet attacks by configuration

Intranet attacks are mainly Layer 2 attacks that use ARP packets. They disrupt users' Internet access. The main countermeasure is ARP anti-attack:
1. Enable strict ARP entry learning, which means that the router learns ARP entries only from the response packets that answer ARP request packets the router itself sent. Run the arp learning strict command in the system view to configure strict ARP entry learning globally.
2. Configure ARP gateway conflict prevention to stop users from impersonating the gateway and causing other users to lose Internet access. Run the arp anti-attack gateway-duplicate enable command in the system view to enable the ARP gateway conflict anti-attack function globally.
3. To ensure that user packets are forwarded normally to the gateway and are not intercepted, configure the router to send gratuitous ARP packets periodically so that the gateway MAC address in ARP entries is refreshed. Run the arp gratuitous-arp send enable command in the system view to enable gratuitous ARP packet sending globally. By default, gratuitous ARP packets are sent at an interval of 90 seconds.
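
An added example (not part of the original page and not vendor tooling): a Python check that a saved router configuration contains the three global commands from the steps above. It assumes that system-view commands appear with no leading whitespace in the saved configuration while sub-view commands are indented; the function names and the sample configuration are constructed for illustration.

```python
# Added example: audit a saved configuration for the three global
# ARP anti-attack commands named in steps 1-3.
REQUIRED = {
    "arp learning strict": "strict ARP entry learning",
    "arp anti-attack gateway-duplicate enable": "ARP gateway conflict anti-attack",
    "arp gratuitous-arp send enable": "periodic gratuitous ARP sending",
}

def global_lines(config_text):
    """Return system-view commands. Assumption: they have no leading
    whitespace; indented lines belong to an interface or other sub-view,
    and '#' lines are section separators."""
    out = []
    for raw in config_text.splitlines():
        if not raw.strip() or raw.startswith((" ", "\t", "#")):
            continue
        out.append(" ".join(raw.split()))  # normalise internal spacing
    return out

def audit(config_text):
    """Map each required command to True if it is set globally."""
    present = set(global_lines(config_text))
    return {cmd: cmd in present for cmd in REQUIRED}

def missing(config_text):
    """List the required commands that are not set globally."""
    return [cmd for cmd, ok in audit(config_text).items() if not ok]

# Constructed sample, not output from a real device.
SAMPLE_CONFIG = """\
#
sysname Example-Router
#
arp learning strict
arp gratuitous-arp send enable
#
interface GigabitEthernet0/0/1
 ip address 192.0.2.1 255.255.255.0
#
return
"""

if __name__ == "__main__":
    for cmd in missing(SAMPLE_CONFIG):
        print(f"missing in system view: {cmd} ({REQUIRED[cmd]})")
```

An exact match is used on purpose, so a line beginning with undo or a variant with extra keywords does not count as the global setting being enabled.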
