cancel
Showing results for 
Search instead for 
Did you mean: 

Do we trust or untrust ports that connect to Access Point when configure DAI

Here to help

Do we trust or untrust ports that connect to Access Point when configure DAI

I'm configuring DAI and wondering if we should put the port that connect to Access Point (Meraki) as trust or untrust port?

 

Thanks,

3 REPLIES 3
Highlighted
Kind of a big deal

Re: Do we trust or untrust ports that connect to Access Point when configure DAI

I think I would mark them as DAI trusted.  APs often use proxy arp on the wireless side to reduce the broadcasting of ARP packets - the very thing DAI relies on.

 

I suspect it would cause issues using DAI on an AP port.

Here to help

Re: Do we trust or untrust ports that connect to Access Point when configure DAI

We have seen a case that Wireless clients sniff the default gateway. If we trust the AP port, won't DAI block bad ARP? 

Building a reputation

Re: Do we trust or untrust ports that connect to Access Point when configure DAI

We have got all user ports untrusted even with MR accesspoints. No issues up to now (with MS10.45, MS11.22 and MR25.13 softwared networks/devices). Only the uplink-ports are trusted. 


https://www.ravensburger.com
https://www.ravensburger.us
https://www.brio.us
https://www.thinkfun.com
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.