IP Permit List Default Configuration
You can specify the same IP address in more than one entry in the permit list if the masks are different.
The mask is applied to the address before it is stored in NVRAM, so that entries that have the same effect
(but different addresses) are not stored. When you add such an address to the IP permit list, the system
displays the address after the mask is applied.
IP Permit List Default Configuration
Table 17-1
Table 17-1 IP Permit List Default Configuration
Feature
IP permit list enable state
Permit list entries
IP syslog message severity level
SNMP IP permit trap (ippermit)
Configuring the IP Permit List
These sections describe how to configure IP permit list:
•
•
•
•
Adding IP Addresses to the IP Permit List
An IP address can be added to the SNMP permit list, the Telnet permit list, or both lists.
To add IP addresses to an IP permit list, perform this task in privileged mode:
Task
Step 1
Specify the IP addresses to add to the IP permit
list.
Step 2
Verify the IP permit list configuration.
You can use the set security acl command to more efficiently set permit lists.
Note
This example shows how to add IP addresses to IP permit list and verify the configuration:
Console> (enable) set ip permit 172.16.0.0 255.255.0.0 telnet
172.16.0.0 with mask 255.255.0.0 added to Telnet permit list.
Console> (enable) set ip permit 172.20.52.32 255.255.0.0 snmp
172.20.52.32 with mask 255.255.0.0 added to Snmp permit list.
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
17-2
shows the default IP permit list configuration.
Adding IP Addresses to the IP Permit List, page 17-2
Enabling IP Permit List, page 17-3
Disabling the IP Permit List, page 17-4
Clearing an IP Permit List Entry, page 17-4
Chapter 17
Default Value
Disabled
None configured
2
Disabled
Command
set ip permit ip_address [mask] [all | snmp |
telnet | ssh]
show ip permit
Configuring the IP Permit List
78-12647-02