Page 138
Not approved by Document Control. For review only.
Allied Telesis
Command Line Interface User’s Guide
The following example creates a management Access List called mlist, configures all interfaces to be
management interfaces except Ethernet interfaces 1/e1 and 2/e9 and makes the new Access List the active list.
permit (Management)
The permit Management Access-List Configuration mode command defines a permit rule.
Syntax
permit [ethernet interface-number | vlan vlan-id | port-channel port-channel-number] [service service]
permit ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel
port-channel-number] [service service]
Parameters
•
interface-number — A valid Ethernet port number.
• vlan-id — A valid VLAN number.
• port-channel-number — A valid port channel index.
• ip-address — A valid source IP address.
• mask — A valid network mask of the source IP address.
• prefix-length — Number of bits that comprise the source IP address prefix. The prefix length must be
preceded by a forward slash (/). (Range: 0 - 32)
• service — Service type. Possible values: telnet, ssh, http, https and snmp.
Default Configuration
If no permit rule is defined, the default is set to deny.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the
appropriate interface.
The system supports up to 128 management access rules.
Example
The following example permits all ports in the mlist Access List.
Console(config)#
management access-list
mlist
Console(config-macl)# deny
ethernet
1/e1
Console(config-macl)#
deny
ethernet
2/e9
Console(config-macl)#
permit
Console(config-macl)#
exit
Console(config)#
management access-class
mlist
Console(config)#
management access-list
mlist
Console(config-macl)#
permit
To Next Page
Loading...
Need help?
General
