Management ACL Commands
OL-32830-01 Command Line Interface Reference Guide
Command Mode
Global Configuration mode
User Guidelines
Use this command to configure a management access list. This command enters
the Management Access-list Configuration mode, where the denied or permitted
access conditions are defined with the deny and permit commands.
If no match criteria are defined, the default value is deny.
When re-entering the access-list context, the new rules are entered at the end of
the access list.
Use the management access-class command to select the active access list.
The active management list cannot be updated or removed.
For IPv6 management traffic that is tunneled in IPv4 packets, the management ACL
is applied first on the external IPv4 header (rules with the service field are
ignored), and then again on the inner IPv6 header.
Examples
Example 1 - The following example creates a management access list called mlist,
configures gi11 and gi19 as management interfaces, and makes the new access list
the active list.
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# permit gi11
switchxxxxxx(config-macl)# permit gi19
switchxxxxxx(config-macl)# exit
switchxxxxxx(config)# management access-class mlist
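The following audit script is an added example, not part of the Cisco guide. It parses the commands shown on this page from a saved configuration and flags an active management access list that is undefined or contains no permit rule. It assumes that the default deny described in the User Guidelines applies to any traffic matching no rule, and that the input uses only the commands shown here. The function names and sample configuration are constructed for illustration.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
management access-list mlist
permit gi11
permit gi19
exit
management access-list lockdown
deny gi11
deny gi19
exit
management access-class lockdown
"""

def parse_management_acls(config_text):
    """Return ({list_name: [(action, criteria), ...]}, active_list_or_None)."""
    acls, active, current = {}, None, None
    for raw in config_text.splitlines():
        words = raw.split()
        line = " ".join(words)
        m = re.match(r"management access-list (\S+)$", line)
        if m:
            # Re-entering an existing list appends new rules at the end.
            current = acls.setdefault(m.group(1), [])
        elif len(words) == 3 and words[:2] == ["management", "access-class"]:
            active = words[2]
        elif line == "exit":
            current = None
        elif current is not None and words and words[0] in ("permit", "deny"):
            current.append((words[0], " ".join(words[1:])))
    return acls, active

def audit(config_text):
    """Return findings about the active management access list."""
    acls, active = parse_management_acls(config_text)
    if active is None:
        return ["no management access-class selected"]
    if active not in acls:
        return [f"active list '{active}' is not defined"]
    # Assumption: traffic matching no rule is denied, so a list without
    # any permit rule blocks every management session.
    if not any(action == "permit" for action, _ in acls[active]):
        return [f"active list '{active}' has no permit rule"]
    return []

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

Running the check against a candidate configuration before issuing management access-class matters because, as stated above, the active list cannot be updated or removed.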
Example 2 - The following example creates a management access list called
mlist, configures all interfaces to be management interfaces except gi11 and
gi19, and makes the new access list the active list.
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# deny gi11
switchxxxxxx(config-macl)# deny gi19