Applying a Layer 3 ACL to the management interface

Use this procedure for applying a Layer 3 ACL to the management interface, using the {ip | ipv6} access-group command.

Note

Note

If an explicit "deny ip any any" IP rule is applied to the management interface, that IP rule has priority over any TCP or UDP rules. Any incoming TCP packets that match that IP rule are dropped because the TCP packet has an IP header.

  1. Enter configure terminal to access global configuration mode. 
    device# configure terminal
  2. Use the interface management command to enter configuration mode for the management interface. 
    device(config)# interface management 0
  3. To apply an IPv4 ACL to the management interface, enter the ip access-group command, specifying the ACL that you are applying to the interface, and in. 
    device(config-Management-0)# ip access-group stdACL3 in
  4. To apply an IPv6 ACL to the management interface, enter the ipv6 access-group command, specifying the ACL that you are applying to the interface, and in. 
    device(config-Management-0k)# ipv6 access-group stdV6ACL1 in
9036684-01 Rev AA