deny (management)
Use the deny command in Management Access-List Configuration mode to
set conditions for the management access list.
Syntax
deny [gigabitethernet
channel-number | tengigabitethernet unit/slot/port ] [service service ] [priority
priority
]
deny ip-source
unit/slot/port
tengigabitethernet
•
gigabitethernet
number.
vlan-id — A valid VLAN number.
•
vlan
•
port-channel
number.
•
tengigabitethernet
port number.
ip-address — Source IP address.
•
mask — Specifies the network mask of the source IP address.
•
mask
prefix-length — Specifies the number of bits that comprise the
•
mask
source IP address prefix. The prefix length must be preceded by a forward
slash (/). (Range: 0–32)
service — Indicates service type. Can be one of the following:
service
•
telnet, ssh, http, https, tftp, snmp, sntp, or any. The any keyword indicates
that the service match for the ACL is effectively "don't care".
priority — Priority for the rule. (Range: 1–64)
priority
•
Default Configuration
This command has no default configuration.
Command Mode
Management Access-list Configuration mode
1380
Management ACL Commands
unit/slot/port
ip-address
[mask
vlan-id
| vlan
| port-channel
unit/slot/port
unit/slot/port — A valid 1-gigabit Ethernet-routed port
port-channel-number — A valid routed port-channel
unit/slot/port — A valid 10-gigabit Ethernet-routed
vlan-id
| vlan
mask
prefix-length
|
port-channel-number |
service
] [service
port-
| port-channel
] [gigabitethernet
priority
] [priority
]