Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with ethernet, vlan, and port-channel parameters are valid only if an IP address is defined
on the appropriate interface. Ensure that each rule has a unique priority.
Examples
The following example shows how to configure two management interfaces, Ethernet 1/g1 and
Ethernet 2/g9.
console(config)#management access-list mlist
console(config-macl)# permit ethernet 1/g1 priority <1-64>
console(config-macl)# permit ethernet 2/g9 priority <1-64>
console(config-macl)# exit
console(config)# management access-class mlist
The following example shows how to configure all the interfaces to be management interfaces
except for two interfaces, Ethernet 1/g1 and Ethernet 2/g9.
console(config)# management access-list mlist
console(config-macl)# deny ethernet 1/g1 priority <1-64>
console(config-macl)# deny ethernet 2/g9 priority <1-64>
console(config-macl)# permit priority <1-64>
console(config-macl)# exit
console(config)# management access-class mlist
show management access-class
Use the show management access-class command in Privileged EXEC mode to display
information about the active management access list.
Syntax
show management access-class
Default Configuration
This command has no default configuration.
963
Management ACL Commands