318
C
HAPTER
21: M
ANAGEMENT
ACL C
OMMANDS
Management ACL requires a valid management interface, which is a port,
VLAN, or port-channnel with an IP address or console interface.
Management ACL only restricts access to the device for management
configuration or viewing.
Example
The following example creates a management access list called ‘mlist’,
configures management Ethernet interfaces g1 and g9 and makes the
new access list the active list.
The following example creates a management access list called ‘mlist’,
configures all interfaces to be management interfaces except Ethernet
interfaces g1 and g9 and makes the new access list the active list.
permit
(Management)
The
permit
Management Access-List Configuration mode command
defines a permit rule.
Syntax
permit
[
ethernet
interface-number |
vlan
vlan-id |
port-channel
port-channel-number |] [
service
service]
permit ip-source
ip-address
[
mask
mask
|
prefix-length
] [
ethernet
interface-number
|
vlan
vlan-id
|
port-channel
port-channel-number
|]
[
service
service
]
Parameters
■
interface-number
— A valid Ethernet port number.
Console(config)#
management access-list
mlist
Console(config-macl)#
permit
ethernet
1g
Console(config-macl)#
permit
ethernet
g9
Console(config-macl)#
exit
Console(config)#
management access-class
mlist
Console(config)#
management access-list
mlist
Console(config-macl)#
deny
ethernet
g1
Console(config-macl)#
deny
ethernet
g9
Console(config-macl)#
permit
Console(config-macl)#
exit
Console(config)#
management access-class
mlist
Summary of Contents for 3CRUS2475 24
Page 18: ......
Page 40: ...40 CHAPTER 2 AAA COMMANDS ...
Page 54: ...54 CHAPTER 3 ACL COMMANDS ...
Page 76: ...76 CHAPTER 4 ADDRESS TABLE COMMANDS ...
Page 166: ...166 CHAPTER 10 CLOCK COMMANDS ...
Page 200: ...200 CHAPTER 13 LACP COMMANDS ...
Page 208: ...208 CHAPTER 14 POWER OVER ETHERNET COMMANDS ...
Page 262: ...262 CHAPTER 15 SPANNING TREE COMMANDS ...
Page 278: ...278 CHAPTER 17 RADIUS COMMAND ...
Page 281: ...show ports monitor 281 g1 8 RX TX Active g2 8 RX TX Active g18 8 RX Active ...
Page 282: ...282 CHAPTER 18 PORT MONITOR COMMANDS ...
Page 306: ...306 CHAPTER 19 SNMP COMMANDS ...
Page 316: ...316 CHAPTER 20 IP ADDRESS COMMANDS ...
Page 330: ...330 CHAPTER 22 WIRELESS ROGUE AP COMMANDS ...
Page 350: ...350 CHAPTER 23 WIRELESS ESS COMMANDS ...
Page 382: ...382 CHAPTER 25 SSH COMMANDS ...
Page 400: ...400 CHAPTER 27 TACACS COMMANDS Global values TimeOut 3 ...
Page 444: ...444 CHAPTER 31 USER INTERFACE COMMANDS ...
Page 454: ...454 CHAPTER 32 GVRP COMMANDS ...
Page 492: ...492 CHAPTER 34 802 1X COMMANDS ...
Page 521: ...Troubleshooting Solutions 521 ...
Page 522: ...522 CHAPTER 37 TROUBLESHOOTING ...