Technical Tip: How to add static ARP entry in IPv4...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 190935

Description

This article describes the commands to add the ip-mac address binding in both IPv4 and IPv6.

Scope

FortiGate.

Solution

Using the FortiGate CLI.

For IPv4:

config system arp-table

edit %value%
set interface <interface-name>
set IP
set mac
end

For example:

config system arp-table

edit 1
set interface internal
set ip 192.168.1.50
set mac 00:50:5A:20:14:1E
end

For IPv6:

diagnose ipv6 neighbor-cache add <interface-name> <ipv6 address> <mac-address>

For example:

diagnose ipv6 neighbor-cache add port1 2001:660:7220:83cf:172:20:0:102 78:48:59:61:52:3d

Verification of Configuration and Troubleshooting:
To verify the existing ARP entries in IPv4:

get system arp

Address            Age(min) Hardware Addr Interface
192.168.1.50            -                00:50:5a:20:14:1e           internal   <-----
10.1.1.2                     0             04:09:ff:09:c6:23            wan

To verify the existing Neighbor Cache entries in IPv6:

diagnose ipv6 neighbor-cache list

ifindex=3 ifname=port1 2001:660:7220:83cf:172:20:0:102 78:48:59:61:52:3d state=00000080 use=942 confirm=942 update=942 ref=0

35972

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: How to add static ARP entry in IPv4 and Neighbor Cache in IPv6

You are leaving our website