permit priority
gigabitethernet unit/slot/port — A valid 1-gigabit Ethernet-routed port
•
number.
vlan-id — A valid VLAN number.
•
vlan
•
port-channel
•
tengigabitethernet unit/slot/port — A valid 10-gigabit Ethernet-routed
port number.
•
fortygigabitethernet unit/slot/port
port number.
ip-address — Source IP address.
•
mask — Specifies the network mask of the source IP address.
mask
•
prefix-length — Specifies the number of bits that comprise the
mask
•
source IP address prefix. The prefix length must be preceded by a forward
slash (/). (Range: 0–32)
service — Indicates service type. Can be one of the following:
•
service
telnet, ssh, http, https, tftp, snmp, sntp, or any. The any keyword indicates
that the service match for the ACL is effectively "don't care".
priority-value — Priority for the rule. (Range: 1 – 64)
•
priority
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with gigabitethernet, tengigabitethernet, fortygigabitethernet, vlan,
and port-channel parameters are valid only if an IP address is defined on the
appropriate interface. Ensure that each rule has a unique priority.
Examples
The following example shows how to configure two management interfaces,
gigabit Ethernet 1/0/1 and gigabit Ethernet 2/0/9.
console(config)#management access-list mlist
1500
Management ACL Commands
priority-value
port-channel-number — A valid port channel number.
–
A valid 40-gigabit Ethernet-routed