Management ACL
management access-list
The management access-list Global Configuration mode command defines an Access-List for
management, and enters the Access-List for configuration. Once in the Access-List Configuration
mode, the denied or permitted access conditions are configured with the deny and permit
commands. Use the no form of this command to remove an Access List.
Syntax
•
management access-list name
•
no management access-list name
•
name — The Access List name using up to 32 characters.
Default Configuration
This command has no default configuration.
Command Mode
Global Configuration mode.
User Guidelines
•
This command enters the Access List Configuration mode, where the denied or permitted access
conditions with the deny and permit commands must be defined.
•
If no match criteria are defined the default is "deny".
•
If reentering to an Access-List context, the new rules are entered at the end of the Access-List.
•
Use the management access-class command to select the active Access-List.
•
The active management list cannot be updated or removed.
•
Management ACL requires a valid management interface (valid IFindex). A valid management
interface is an interface with an IP address. A valid (IFindex) management interface can be a
single port, VLAN or port-channel. Management ACL only restricts access to the device for
management configuration or viewing.
269
Management ACL