Allow - Cisco NCS 5000 Series Manual

Management Plane Protection Commands

allow

To configure an interface as an inband interface to allow all peer addresses for a specified protocol or all
protocols, use the allow command in management plane protection inband interface configuration mode.
To disallow a protocol on an interface, use the no form of this command.
allow {protocol| all} [peer]
no allow {protocol| all} [peer]
Syntax Description
protocol
all
peer
Command Default
By default, no management protocol is allowed on any interface except the management interfaces.
Command Modes
Management plane protection inband interface configuration
Command History
Release
Release 6.0.1
Usage Guidelines
If you permit or allow a specific protocol to an interface, traffic is allowed only for that protocol, and all other
management traffic is dropped.
The IOS XR XML API provides a programmatic interface to the router for use by external management
applications. This interface provides a mechanism for router configuration and monitoring utilizing XML
Interface configured to allow peer-filtering for the following specified protocol's traffic:
• Netconf
• SNMP (also versions)
• Secure Shell (v1 and v2)
• TFTP
• Telnet
• XML
Configures the interface to allow peer-filtering for all the management traffic that is
specified in the list of protocols.
(Optional) Configures the peer address on the interface. Peer refers to the neighboring
router interface in which traffic might arrive to the main router.
System Security Command Reference for Cisco NCS 5000 Series Routers
allow
Modification
This command was introduced.
133