1142 Management ACL Commands
•
vlan
vlan-id
— A valid VLAN number.
•
port-channel
number
— A valid port channel number.
•
ip-address
— Source IP address.
•
mask
mask
— Specifies the network mask of the source IP address.
•
mask
prefix-length
— Specifies the number of bits that comprise the
source IP address prefix. The prefix length must be preceded by a forward
slash (/). (Range: 0–32)
•
service
service
— Indicates service type. Can be one of the following:
telnet, ssh, http, https, tftp, or snmp.
•
priority
priority-value
— Priority for the rule. (Range: 1 – 64)
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with ethernet, vlan, and port-channel parameters are valid only if an IP
address is defined on the appropriate interface. Ensure that each rule has a
unique priority.
Examples
The following example shows how to configure two management interfaces,
Ethernet 1/g1 and Ethernet 2/g9.
console(config)#management access-list mlist
console(config-macal)# permit ethernet 1/g1 priority
<1-64>
console(config-macal)# permit ethernet 2/g9 priority
<1-64>
console(config-macal)# exit
console(config)# management access-class mlist
