Table of Contents
Advertisement
Management ACL Commands
management access-list
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
When reentering the ACL context, the new rules are entered at the end of the
access list.
Use the management access-class command to select the active management
ACLs. The active management ACLs cannot be updated or removed.
For IPv6 management traffic that is tunneled in IPv4 packets, the management ACL
is applied first on the external IPv4 header (rules with the service field are
ignored), and then again on the inner IPv6 header.
Example
Example 1—The following example creates a management ACL called mlist,
configures fa9 and fa11 as the management interfaces, and adds the new ACL to
the active ACL:
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# permit ip 192.168.1.111/0.0.255.255 interfaces gi9
service all
switchxxxxxx(config-macl)# permit ip 192.168.1.111/0.0.255.255 interfaces
gi11 service all
switchxxxxxx(config-macl)# exit
switchxxxxxx(config)#
Example 2—The following example creates a management ACL called mlist,
configures all interfaces to be management interfaces except fa9 and 11, and
adds the new ACL to the active ACL:
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# deny ip 192.168.1.111/0.0.255.255 interfaces gi9
service all
switchxxxxxx(config-macl)# deny ip 192.168.1.111/0.0.255.255 interfaces gi11
service all
switchxxxxxx(config-macl)# exit
switchxxxxxx(config)#
23
348
Advertisement
Table of Contents
