Management ACL Commands
699 OL-32830-01 Command Line Interface Reference Guide
33
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with ethernet, VLAN, and port-channel parameters are valid only if an IP
address is defined on the appropriate interface.
Example
The following example denies all ports in the ACL called mlist.
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# deny
33.2 permit (Management)
To set permit rules (ACEs) for the management access list (ACL), use the permit
Management Access-list Configuration mode command.
Syntax
permit [interface-id] [service service]
permit ip-source {ipv4-address | ipv6-address/ipv6-prefix-length} [mask {mask | prefix-length}] [interface-id] [service service]
Parameters
• interface-id — (Optional) Specify an interface ID. The interface ID can be
one of the following types: Ethernet port, Port-channel or VLAN.
• service service — (Optional) Specifies the service type. Possible values
are: Telnet, SSH, HTTP, HTTPS and SNMP.
• ipv4-address — Specifies the source IPv4 address.
• ipv6-address/ipv6-prefix-length — Specifies the source IPv6 address and
source IPv6 address prefix length. The prefix length must be preceded by a
forward slash (/). The parameter is optional.
• mask mask — Specifies the source IPv4 address network mask. This
parameter is relevant only to IPv4 addresses.