Management ACL 269Management ACLmanagement access-listThe management access-list Global Configuration mode command defines an Access-List formanagement, and enters the Access-List for configuration. Once in the Access-List Configurationmode, the denied or permitted access conditions are configured with the deny and permitcommands. Use the no form of this command to remove an Access List.Syntax• management access-list name• no management access-list name• name — The Access List name using up to 32 characters.Default ConfigurationThis command has no default configuration.Command ModeGlobal Configuration mode.User Guidelines• This command enters the Access List Configuration mode, where the denied or permitted accessconditions with the deny and permit commands must be defined.• If no match criteria are defined the default is "deny".• If reentering to an Access-List context, the new rules are entered at the end of the Access-List.• Use the management access-class command to select the active Access-List.• The active management list cannot be updated or removed.• Management ACL requires a valid management interface (valid IFindex). A valid managementinterface is an interface with an IP address. A valid (IFindex) management interface can be asingle port, VLAN or port-channel. Management ACL only restricts access to the device formanagement configuration or viewing.5400_CLI.book Page 269 Wednesday, December 17, 2008 4:33 PM