Use the Management Access List Configuration page to create and configure a management access list to help secure access to the switch management features. The Management Access Control and Administration List (MACAL) feature is used to ensure that only known and trusted devices are allowed to remotely manage the switch via TCP/IP.
This page provides the capability to add, edit, and remove MACALs. MACALs can be applied only to in-band ports and cannot be applied to the service port.
To access this page, click
in the navigation menu.Note
Profile rules cannot be added or modified when a profile is active. To add or edit a profile, the Active Profile field must be set to None.Field | Description |
---|---|
Access Profile | Profile name for the Management Access Control list. One user defined Access Profile can be created. |
Active Profile | Currently enabled profile name. |
Packets Filtered | The number of packets filtered due to matching a rule in the MACAL. |
Interface | The port/interface or trunk ID. |
Management Method | The types of action will be taken on access control
list.
In the Add or Edit Profile Rule dialog, this is specified using the Action field. |
Source IP Address | IP Address of device which needs to permit or deny in the management access list. |
Subnet Mask | Specifies the network mask of the source IP address. |
VLAN | The VLAN ID. |
Port Channel | Port channels, also known as LAGs (Link Aggregation Groups), allow one or more full-duplex Ethernet links of the same speed to be aggregated together. |
Service | The type of service to permit or deny:
|
Priority | Priority for the rule. Duplicates are not allowed. |