320 CHAPTER 21: MANAGEMENT ACL COMMANDS
Parameters
■ interface-number — A valid Ethernet port number.
■ vlan-id — A valid VLAN number.
■ port-channel-number — A valid port-channel number.
■ ip-address — A valid source IP address.
■ mask — A valid network mask of the source IP address.
■ mask prefix-length — Specifies the number of bits that comprise the
source IP address prefix. The prefix length must be preceded by a
forward slash (/). (Range: 0-32)
■ service — Service type. Possible values: telnet, ssh, http, https and
snmp.
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with Ethernet, VLAN and port-channel parameters are valid only if
an IP address is defined on the appropriate interface.
The system supports up to 128 management access rules.
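An added example, not part of the original guide: a Python pre-check that applies the limits stated above (service values, /0-32 prefix, 128-rule cap, IP address required on a referenced interface) to a planned rule set before it is entered. The dict rule format, function names and sample values are assumptions, as is reading a "valid" mask as contiguous leading 1-bits.

```python
import ipaddress
import re

SERVICES = {"telnet", "ssh", "http", "https", "snmp"}  # values listed for "service"
MAX_RULES = 128  # limit stated in the User Guidelines

def valid_mask(mask):
    """True for a dotted mask of contiguous leading 1-bits (assumed meaning of 'valid')."""
    try:
        inverted = ~int(ipaddress.IPv4Address(mask)) & 0xFFFFFFFF
    except ValueError:
        return False
    return inverted & (inverted + 1) == 0

def valid_prefix(prefix):
    """True for '/N' with N in 0-32; the leading slash is required."""
    match = re.fullmatch(r"/([0-9]{1,2})", prefix)
    return bool(match) and int(match.group(1)) <= 32

def check_rules(rules, interfaces_with_ip):
    """Return (rule_index, problem) findings; index None means the list as a whole."""
    findings = []
    if len(rules) > MAX_RULES:
        findings.append((None, f"{len(rules)} rules, limit is {MAX_RULES}"))
    for i, rule in enumerate(rules):
        if "service" in rule and rule["service"] not in SERVICES:
            findings.append((i, f"unknown service {rule['service']!r}"))
        if "interface" in rule and rule["interface"] not in interfaces_with_ip:
            findings.append((i, f"no IP address defined on {rule['interface']}"))
        if "ip" in rule:
            try:
                ipaddress.IPv4Address(rule["ip"])
            except ValueError:
                findings.append((i, f"invalid source IP {rule['ip']!r}"))
        if "mask" in rule and not valid_mask(rule["mask"]):
            findings.append((i, f"invalid network mask {rule['mask']!r}"))
        if "prefix" in rule and not valid_prefix(rule["prefix"]):
            findings.append((i, f"invalid prefix length {rule['prefix']!r}"))
    return findings

# Constructed sample data in a hypothetical dict form (not the switch's CLI syntax).
SAMPLE_RULES = [
    {"ip": "192.0.2.0", "prefix": "/24", "service": "ssh"},        # clean
    {"ip": "192.0.2.0", "mask": "0.0.0.255", "service": "https"},  # wildcard, not a netmask
    {"interface": "vlan 20", "service": "ftp"},                    # no IP on vlan 20; bad service
    {"ip": "198.51.100.7", "prefix": "33"},                        # slash missing
]
if __name__ == "__main__":
    # Assumed: only "vlan 1" has an IP address defined.
    print(*check_rules(SAMPLE_RULES, {"vlan 1"}), sep="\n")
```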
Example
The following example denies all ports in the access list called ‘mlist’.
Console(config)# management access-list mlist
Console(config-macl)# deny
management access-class
The management access-class Global Configuration mode command
restricts management connections by defining the active management
access list. To disable this restriction, use the no form of this command.
Syntax
management access-class {console-only | name}
no management access-class