Configure Intercepting Attack with Same Source and Destination IP Address
Network Requirements
- Device configures the detection function of intercepting the attack with the same source and destination IP address, detecting the attack packet and dropping it.
Network Topology
Figure 17–2 Networking of configuring intercepting the attack with the same source and destination IP address
Configuration Steps
Step 1: Configure VLAN and add the port to the corresponding VLAN. (Omitted)
Step 2: Configure the IP address of the interface. (Omitted)
Step 3: Configure the attack detection function.
#Configure the detection function of intercepting the attack with the same source and destination IP address.
|
Device#configure terminal
Device(config)# anti-attack detect src-dst-ip-equal
|
Step 4: Check the result.
#When Attacker initiates the packet attack with the same source and destination IP address to PC, we cannot capture the attack packet on PC.
-
The detection function of intercepting the attack with the same source and destination IP address is valid for the packets processed by CPU and the service packets.
- When the detection function of intercepting the attack with the same source and destination IP address drops the packet, do not generate the log or statistics information.
Switch
.png){kind=icon}
.png){kind=logo}
