Owner's Manual
208 Management ACL
www.dell.com | support.dell.com
The following example shows how to create an access-list called "mlist", configure all interfaces to
be management interfaces except interfaces ethernet g1 and ethernet g9, and make the access-list
the active list.
permit (management)
The
permit
management access-list configuration command defines a permit rule.
Syntax
permit
[
ethernet
interface-number
|
vlan
vlan-id
|
port-channel
number
|
out-of-band-eth
oob-interface
] [
service
service
]
permit ip-source
ip-address
[
mask
mask
|
prefix-length
] [
ethernet
interface-number
|
vlan
vlan-id
|
port-channel
number
|
out-of-band-eth
oob-interface
] [
service
service
]
•
ethernet
interface-number
—A valid Ethernet port number.
•
vlan
vlan-id
—A valid VLAN number.
•
port-channel
number
—A valid port channel number.
•
ip-address
—Source IP address.
•
mask
mask
—Specifies the network mask of the source IP address.
•
mask
prefix-length
—Specifies the number of bits that comprise the source IP address
prefix. The prefix length must be preceded by a forward slash (/).
•
service
service
—Indicates service type. Can be one of the following:
telnet
,
ssh
,
http,
https
or
snmp
.
•
out-of-band-eth
oob-interface
—Out-of-band Ethernet port number.
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
Console (config)# management access-list mlist
Console (config-macl)# deny ethernet g1
Console (config-macl)# deny ethernet g9
Console (config-macl)# permit
Console (config-macl)# exit
Console (config)# management access-class mlist