Quick Reference Guide
Management ACL 263
DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY
•
mask
mask
— A valid network mask of the source IP address.
•
mask
prefix-length
— Number of bits that comprise the source IP address prefix. The prefix
length must be preceded by a forward slash (/). (Range: 0 - 32)
•
service
service
— Service type. Possible values:
telnet
,
ssh
,
http,
https
and
snmp
.
Default Configuration
If no permit rule is defined, the default is set to deny
.
Command Mode
Management Access-list Configuration mode.
User Guidelines
• Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is
defined on the appropriate interface.
• The system supports up to 128 management access rules.
Example
The following example permits all ports in the mlist access list.
deny (Management)
The deny Management Access-List Configuration mode command defines a deny rule.
Syntax
•
deny
[
ethernet
interface-number
|
vlan
vlan-id
|
port-channel
port-channel-number
] [
service
service
]
•
deny ip-source
{
ipv4-address | ipv6-address/prefix-length
}[
mask
mask
|
prefix-length
]
[
ethernet
interface-number
|
vlan
vlan-id
|
port-channel
number
] [
service
service
]
•
ethernet
interface-number
— A valid Ethernet port number.
•
vlan
vlan-id
— A valid VLAN number.
•
port-channel
number
— A valid port-channel number.
•
ipv4-address
— Source IPv4 address.
•
ipv6-address/prefix-length
— Source IPv6 address and prefix length. The prefix length is
optional.
•
mask
mask
— A valid network mask of the source IP address.
Console(config)# management access-list mlist
Console(config-macl)# permit