Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
2
Replies

C1300 Management Access Profiles and Rules

williamk
Level 1
Level 1

‎02-07-2025 09:42 AM

Hi,

I bought a C1300 and am learning to navigate it compared to standard cisco IOS.  I have been unable to get Access Profiles and Access Rules to work.  I set up all my rules in a profile with a deny all rule at the bottom. I then make the access profile active.  However any ip is still able to login via https or ssh.  Am running latest firmware 4.1.4.1.  Has anyone been able to make this feature work?  Anything I am missing?

management access-list ManagementProfile
permit ip-source 172.16.20.2 mask 255.255.252.0
permit ip-source 172.16.20.222 mask 255.255.252.0
permit ip-source 172.16.20.179 mask 255.255.252.0
permit ip-source 192.168.12.5 mask 255.255.255.0
permit ip-source 192.168.12.1 mask 255.255.255.0
permit ip-source 192.168.12.254 mask 255.255.255.0
deny
exit
management access-class ManagementProfile

 

Labels:
0 Helpful
2 Replies 2

Joshqun Ismayilov
Level 1
Level 1

‎02-07-2025 11:49 AM

Hi @williamk 

Ensure the Access Profile is Applied to the Management Interface

>>#show management access-class

This should show if ManagementProfile is applied.

If not, explicitly apply it to the management services:

>>#management access-class ManagementProfile

Thanks !

0 Helpful

Tobias Heisele
Level 1
Level 1

‎05-05-2025 08:36 AM - edited ‎05-05-2025 08:58 AM

Can I apply different ACLs to different services like in ios?

Edit: I reread the CLI guide. If I understand correct, there is only one ACL which can be attached to the access-class, but each ACE can be bound to an service like "permit ip-source 10.0.100.0 mask 255.255.255.0 service SSH"

0 Helpful
Customers Also Viewed These Support Documents