Administrator Guide
Security Commands 1053
permit (management)
Use the permit command in Management Access-List configuration mode to
set conditions for allowing packets to flow to the switch management
function.
Syntax
permit ip-source
ip-address
[mask
mask
|
prefix-length
] [gigabitethernet
unit/slot/port | vlan
vlan-id
|
port-channel
port-channel-number
|
tengigabitethernet unit/slot/port |fortygigabitethernet unit/slot/port][
service
service
] [ priority
priority-value
]
permit {gigabitethernet unit/slot/port | vlan
vlan-id
|
port-channel
port-
channel-number
| tengigabitethernet unit/slot/port |fortygigabitethernet
unit/slot/port} [service
service
] [priority
priority-value
]
permit service
service
[priority
priority-value
]
permit priority
priority-value
•
gigabitethernet
unit/slot/port — A valid 1-gigabit Ethernet-routed port
number.
•
vlan
vlan-id
— A valid VLAN number.
•
port-channel
port-channel-number
— A valid port channel number.
•
tengigabitethernet
unit/slot/port — A valid 10-gigabit Ethernet-routed
port number.
•
fortygigabitethernet
unit/slot/port
–
A valid 40-gigabit Ethernet-routed
port number.
•
ip-address
— Source IP address.
•
mask
mask
— Specifies the network mask of the source IP address.
•
mask
prefix-length
— Specifies the number of bits that comprise the
source IP address prefix. The prefix length must be preceded by a forward
slash (/). (Range: 0–32)
•
service
service
— Indicates service type. Can be one of the following:
telnet
,
ssh
,
http
,
https
,
tftp
,
snmp
,
sntp
, or
any
. The
any
keyword indicates
that the service match for the ACL is effectively "don’t care".
•
priority
priority-value
— Priority for the rule. (Range: 1 – 64)
2CSNXXX_SWUM204.book Page 1053 Monday, January 25, 2016 1:25 PM