Chapter 19. management acl commands, Management access-list, Chapter 19.management acl commands – Allied Telesis AT-S94 CLI (AT-8000S Series) User Manual

Management ACL Commands

Page 194

Chapter 19.Management ACL Commands

management access-list

The management access-list Global Configuration mode command configures a management Access List and
enters the Management Access-list Configuration command mode. Use the no form of this command to delete an
Access List.

Syntax

management access-list name

no management access-list name

Parameters
•

name — Access list name. (Range: 1-32 characters)

Default Configuration

This command has no default configuration.

Command Mode

Global Configuration mode

User Guidelines

Use this command to configure a management Access List. The command enters the Access-list Configuration
mode, where permit and deny access rules are defined using the permit (Management) and deny
(Management) commands.

If no match criteria are defined, the default is deny.

If you reenter an Access List context, the new rules are entered at the end of the Access List.

Use the management access-class command to select the active Access List.

The active management list cannot be updated or removed.

Management ACL requires a valid management interface, which is a port, VLAN, or port-channel with an IP
address or console interface. Management ACL only restricts access to the device for management configuration
or viewing.

For IPv6 management traffic that is tunneled in IPv4 packet, the management ACLs is applied first on the external
IPv4 header (rules with service field are ignored), and then again on the inner IPv6 header.