User’s Manual of WGSD-1022/WGSD-8000
deny ip-sourceip-address [mask mask prefix-length] [ethernet interface-number vlan vlan-id port-channelnumber out-of-band-ethoob-interface] ] [service service]
ethernet interface-number— A valid Ethernet port number.
vlan vlan-id— A valid VLAN number.
port-channelnumber — A valid port-channel number.
ip-address— Source IP address. (Range: Valid IP Address)
mask mask — Specifies the network mask of the source IP address.(Range: Valid subnet mask)
mask prefix-length— Specifies the number of bits that comprise the source IP address prefix. The prefix length must be preceded by a forward slash (/).
service service — Indicates service type. Can be one of the following: telnet, ssh, http, https or snmp.
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
User Guidelines
Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the appropriate interface.The system supports up to 256 management access rules.
Example
The following example shows how all ports are denied in the access-list called "mlist".
Console (config)# management access-listmlist
Console (config-macl)# deny
5.13.4 management access-classThe management access-classglobal configuration command defines which management access-list is used. To disable restriction, use the no form of this command.
Syntax
management access-class {console-only name}
no management access-class
name — Name of the access list. If unspecified, defaults to an empty access-list.(Range: Valid name)
console-only— The device can be managed only from the console.
Default Configuration
This command has no default configuration.
- 245 –
