Permit (management) – Allied Telesis AT-S94 CLI (AT-8000S Series) User Manual

Page 195

Allied Telesis
AT-8000S-S94-3.0 Command Line Interface User’s Guide

Example

The following example creates a management Access List called mlist, configures management Ethernet
interfaces 1/e1 and 2/e9 and makes the new Access List the active list.

The following example creates a management Access List called mlist, configures all interfaces to be
management interfaces except Ethernet interfaces 1/e1 and 2/e9 and makes the new Access List the active list.

permit (Management)

The permit Management Access-List Configuration mode command defines a permit rule.

Syntax

permit [ethernet interface-number | vlan vlan-id | port-channel port-channel-number] [service service]

permit ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel
port-channel-number] [service service]

Parameters
•

interface-number — A valid Ethernet port number.

•

vlan-id — A valid VLAN number.

•

port-channel-number — A valid port channel index.

•

ip-address — A valid source IP address.

•

mask — A valid network mask of the source IP address.

•

prefix-length — Number of bits that comprise the source IP address prefix. The prefix length must be

preceded by a forward slash (/). (Range: 0 - 32)

•

service — Service type. Possible values: telnet, ssh, http, https and snmp.

Default Configuration

If no permit rule is defined, the default is set to deny.

Command Mode

Management Access-list Configuration mode

console(config)# management access-list mlist

console(config-macl)# permit ethernet 1/e1

console(config-macl)# permit ethernet 2/e9

console(config-macl)# exit

console(config)# management access-class mlist

console(config)# management access-list mlist

console(config-macl)# deny ethernet 1/e1

console(config-macl)# deny ethernet 2/e9

console(config-macl)# permit

console(config-macl)# exit

console(config)# management access-class mlist