Blocking ARP packets on SG3428X-M2

Friday
Model: TL-SG3428X-M2  
Hardware Version: V1
Firmware Version: 1.20.2 Build 20240528 Rel.74834

I'm trying to block ARP packets from a specific IP range.

 

I have tried seemingly every possible combination of ACL settings and none of them seem to affect ARP packets (0 packets matched when ethertype is set to 0806).

 

The closest I've come to making this work is using IPv4 IMPB via Manual Binding and Arp Detection to effectively generate a "pass" rule (with implicit deny) for a specific IP/MAC; this blocks the unwanted ARP packets but it also blocks valid replies to the ARPs that I want to pass, and I cannot figure out how to allow the replies. I have tried adding a manual binding for the IP/MAC of the machine that generates the replies but they are still blocked by the switch (and are logged as being blocked due to IMPB MATCH FAILURE).

 

Hardware version: SG3428X-M2 1.20

#1
1 Reply
Re: Blocking ARP packets on SG3428X-M2
Monday - last edited Monday

Hi @ekaszubski 

Thanks for posting in our business forum.

For the ACL, you should look it up in the User Guide and test it out yourself. It works as you configure it. If it does not work, you need to double-check what you have configured.

 

ekaszubski wrote

The closest I've come to making this work is using IPv4 IMPB via Manual Binding and Arp Detection to effectively generate a "pass" rule (with implicit deny) for a specific IP/MAC; this blocks the unwanted ARP packets but it also blocks valid replies to the ARPs that I want to pass, and I cannot figure out how to allow the replies. I have tried adding a manual binding for the IP/MAC of the machine that generates the replies but they are still blocked by the switch (and are logged as being blocked due to IMPB MATCH FAILURE).

 

Hardware version: SG3428X-M2 1.20

In the end, if you still want to allow valid ARPs, you might wanna try other stuff like Port Security. Not ACL which blocks based on the protocol. ARP proxy.

We also have a use case in which you can use deny and allow at the same time. Allow should be placed first.

 

And to the point you asked, we don't provide support on how to block ARP. Blocking ARP is not proper and correct in our opinion. If you insist on doing so, please proceed at your discretion.

Best Regards!
#2
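
The IMPB/ARP Detection behaviour described in the first post, as an added generic model of binding-table ARP inspection; it is not TP-Link firmware code and not code from either poster. It assumes the check matches the ARP sender IP/MAC together with VLAN and ingress port; the host addresses, port names and the `trusted_ports` parameter are constructed for illustration.

```python
import ipaddress
import struct
from typing import NamedTuple

class Binding(NamedTuple):          # one manual binding entry (generic model)
    ip: str
    mac: str
    vlan: int
    port: str

def build_arp(oper, sha, spa, tha, tpa, dst="ff:ff:ff:ff:ff:ff"):
    """Build an untagged Ethernet/IPv4 ARP frame (constructed test input)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: ipaddress.IPv4Address(a).packed
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
    return mac(dst) + mac(sha) + b"\x08\x06" + hdr + mac(sha) + ip(spa) + mac(tha) + ip(tpa)

def parse_arp(frame):
    """Return (opcode, sender MAC, sender IP) or raise ValueError."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return oper, frame[22:28].hex(":"), str(ipaddress.IPv4Address(frame[28:32]))

def inspect(frame, port, vlan, bindings, trusted_ports=()):
    """Decide forward/drop for an ARP frame arriving on `port` in `vlan`."""
    if port in trusted_ports:       # assumption: trusted ports skip inspection
        return "forward"
    try:
        _oper, sha, spa = parse_arp(frame)
    except ValueError:
        return "drop: not valid ARP"
    # Requests and replies are checked alike: by SENDER fields on the INGRESS port.
    for b in bindings:
        if (b.ip, b.mac.lower(), b.vlan, b.port) == (spa, sha, vlan, port):
            return "forward"
    return "drop: no matching binding"

# Constructed hosts: A asks for B, B answers from a different port.
A = Binding("192.0.2.10", "02:00:00:00:00:0a", 1, "1/0/1")
B = Binding("192.0.2.20", "02:00:00:00:00:0b", 1, "1/0/2")
REQUEST = build_arp(1, A.mac, A.ip, "00:00:00:00:00:00", B.ip)
REPLY = build_arp(2, B.mac, B.ip, A.mac, A.ip, dst=A.mac)

if __name__ == "__main__":
    print(inspect(REQUEST, "1/0/1", 1, [A]))        # A's request is bound
    print(inspect(REPLY, "1/0/2", 1, [A]))          # B's reply has no binding
    print(inspect(REPLY, "1/0/2", 1, [A, B]))       # binding for B on its own port
```

In this model a reply is judged by the responder's own binding on the port where the reply enters the switch, so an entry for the responder with a different port or VLAN still fails the match.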