Chapter 15. management acl commands, Management access-list, Chapter 15.management acl commands – Allied Telesis AT-S95 CLI User Manual

Page 144

Not approved by Document Control. For review only.

Allied Telesis

Command Line Interface User’s Guide

Chapter 15.Management ACL Commands

management access-list

The management access-list Global Configuration mode command configures a management Access List and
enters the Management Access-list Configuration command mode. Use the no form of this command to delete an
Access List.

Syntax

management access-list name

no management access-list name

Parameters
•

name — Access list name. (Range: 1-32 characters)

Default Configuration

This command has no default configuration.

Command Mode

Global Configuration mode

User Guidelines

Use this command to configure a management Access List. The command enters the Access-list Configuration
mode, where permit and deny access rules are defined using the permit (Management) and deny
(Management) commands.

If no match criteria are defined, the default is deny.

If you reenter an Access List context, the new rules are entered at the end of the Access List.

Use the management access-class command to select the active Access List.

The active management list cannot be updated or removed.

Management ACL requires a valid management interface, which is a port, VLAN, or port-channel with an IP
address or console interface. Management ACL only restricts access to the device for management configuration
or viewing.

Example

The following example creates a management Access List called mlist, configures management Ethernet
interfaces 1/g1 and 2/g9 and makes the new Access List the active list.

Console(config)# management access-list mlist
Console(config-macl)# permit ethernet 1/g1
Console(config-macl)# permit ethernet 2/g9
Console(config-macl)# exit
Console(config)# management access-class mlist