In order to reduce the impact of ARP spoofing attacks, I would like implement DHCP snooping and dynamic Arp inspection feature features on our Cisco enterprise network.
Test were conclusive for all devices connected directly to cisco switches.
However, I still have problems with devices connected to SOHO unmanaged switches.
Could you indicate me please, how I can overcome this problem.
You can find in attachment an example diagram.
Printer1 and PC2 cause connectivity problem when port Fa0/23 on switch S2 is configured as untrusted.
When I configure that port as trusted, I still can operate successfull ARP spoofing attacks with Cain & Abel software.