146 MES1000, MES2000 Ethernet Switches
Table 5.157 —Description of results
Index, the unique identifier of the record.
Comment that describes the event.
5.19.6 ACL access lists for device management
Switches firmware allows to enable or disable the access to device management via the specific
interfaces. Access control lists (ACL) are created for this purpose.
Global configuration mode commands
Command line request in global configuration mode appears as follows:
console(config)#
Table 5.158 —Global configuration mode commands
management access-list
name
Create access control list. Enter the access control list
configuration mode.
no management access-list
name
Remove access control list.
management access-class
{console-only | name}
Restrict device management by the specific access list.
Activate the specific access list.
- console-only—device management is available via the
console only.
no management access-
class
Remove the device management restriction by the specific
access list.
Access control list configuration mode commands
Command line request in access control list configuration mode appears as follows:
console(config)# management access-list eltex_manag
console (config-macl)#
Table 5.159 —Access control list configuration mode commands
permit
[gigabitethernet gi_port |
fastethernet fa_port |port-
channel group|
vlan vlan_id]
[service service]
gi_port: (1..3/0/1..28);
fa_port: (1..3/0/1..24);
group: (1..8);
vlan_id(1..4094);
service: {telnet, ssh,
snmp, http, https}
Define the allowing criteria for the access control list.
- service—access type—Telnet, SSH, SNMP, HTTP, HTTPS.
In condition parameters, you can specify the interface and the
device access protocol.
permit ip-source
{ipv4_address |
ipv6_address/prefix-length}
[mask {mask| prefix-length}]
[gigabitethernet gi_port |
fastethernet fa_port |port-
channel group|vlan vlan_id]
[service service]
Define the restriction criteria for the access control list.
To Next Page
Loading...
Need help?
General
