permit (Management)
The permit Management Access-List Configuration mode command defines a permit rule.
Syntax
•
permit [ethernet interface-number | vlan vlan-id | port-channel port-channel-number] [service service]
•
permit ip-source {ipv4-address | ipv6-address/prefix-length} [mask mask | prefix-length] [ethernet
interface-number | vlan vlan-id | port-channel number] [service service]
•
ethernet interface-number — A valid Ethernet port number.
•
vlan vlan-id — A valid VLAN number.
•
port-channel port-channel-number — A valid port channel index.
•
ipv4-address — Source IPv4 address.
•
ipv6-address/prefix-length — Source IPv6 address and prefix length. The prefix length is optional.
•
mask mask — A valid network mask of the source IP address.
•
mask prefix-length — Number of bits that comprise the source IP address prefix. The prefix length
must be preceded by a forward slash (/). (Range: 0 - 32)
•
service service — Service type. Possible values: telnet, ssh, http, https and snmp.
Default Configuration
If no permit rule is defined, the default is set to deny.
Command Mode
Management Access-list Configuration mode.
User Guidelines
•
Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on
the appropriate interface.
•
The system supports up to 128 management access rules.
Example
The following example permits all ports in the mlist access list.
Console(config)# management access-list mlist
Console(config-macl)# permit
247
Management ACL