Console (config)# management access-list mlist
Console (config-macl)# deny ethernet g1
Console (config-macl)# deny ethernet g2
Console (config-macl)# permit
Console (config-macl)# exit
Console (config)# management access-class mlist
5.13.2 permit (management)
The permit management access-list configuration command defines a permit rule.
Syntax
permit [ethernet interface-number | vlan vlan-id | port-channel number | out-of-band-eth oob-interface]
[service service]
permit ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id |
port-channel number | out-of-band-eth oob-interface] [service service]
ethernet interface-number — A valid Ethernet port number.
vlan vlan-id — A valid VLAN number.
port-channel number — A valid port channel number.
ip-address — Source IP address.(Range: Valid IP Address)
mask mask — Specifies the network mask of the source IP address. (Range: Valid subnet mask)
mask prefix-length — Specifies the number of bits that comprise the source IP address prefix.
The prefix length must be preceded by a forward slash (/). (Range: 0 - 32)
service service — Indicates service type. Can be one of the following: telnet, ssh, http, https or
snmp.
out-of-band-eth oob-interface — Out of band ethernet port number.
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the
appropriate interface.The system supports up to 256 management access rules.