allow
To configure an interface as an inband or out-of-band interface to allow all peer addresses for a specified
protocol or all protocols, use the allow command in management plane protection inband interface configuration
mode or management plane protection out-of-band interface configuration. To disallow a protocol on an
interface, use the no form of this command.
allow {protocol| all} [peer]
no allow {protocol| all} [peer]
Syntax Description
Interface configured to allow peer-filtering for the following specified protocol’s traffic:
•
HTTP(S)
•
SNMP (also versions)
•
Secure Shell (v1 and v2)
•
TFTP
•
Telnet
•
XML
protocol
Configures the interface to allow peer-filtering for all the management traffic that is
specified in the list of protocols.
all
(Optional) Configures the peer address on the interface. Peer refers to the neighboring
router interface in which traffic might arrive to the main router.
peer
Command Default
By default, no management protocol is allowed on any interface except the management interfaces.
Command Modes
Management plane protection inband interface configuration
Command History
ModificationRelease
This command was introduced.Release 3.5.0
The following modifications were added:
•
The peer keyword was added to support peer-filtering.
•
Management plane protection out-of-band interface configuration
mode was added.
Release 3.6.0
The XML keyword was added.Release 4.0.0
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
166 OL-24740-01
Management Plane Protection Commands
allow
To Next Page
Loading...
Need help?
General
