access-class

To restrict incoming and outgoing connections between a particular VTY (into a Cisco Nexus 5000 Series switch) and the addresses in an access list, use the access-class command. To remove access restrictions, use the no form of this command.

access-class access-list-name { in | out }

no access-class access-list-name { in | out }

Syntax Description

access-list-name
Name of the IPv4 ACL class. The name can be a maximum of 64 alphanumeric characters. The name cannot contain a space or quotation mark.
in
Specifies that incoming connections be restricted between a particular Cisco Nexus 5000 Series switch and the addresses in the access list.
out
Specifies that outgoing connections be restricted between a particular Cisco Nexus 5000 Series switch and the addresses in the access list.

Command Default

None

Command Modes

Line configuration mode

Command History

Release        Modification
5.0(2)N1(1)    This command was introduced.

Usage Guidelines

When you allow Telnet or SSH access to a Cisco device, you can secure that access by binding an access class to the VTYs.

To display the access lists for a particular terminal line, use the show line command.

Examples

This example shows how to configure an access class on a VTY line to restrict inbound packets:

switch# configure terminal
switch(config)# line vty
switch(config-line)# access-class ozi2 in
switch(config-line)#
 

This example shows how to remove an access class that restricts inbound packets:

switch(config)# line vty
switch(config-line)# no access-class ozi2 in
switch(config-line)#
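
Added example (not part of the Cisco documentation): a Python audit that checks a saved configuration for an inbound access-class under line vty, validates the ACL name against the limits in the Syntax Description, and flags a name with no matching ACL definition. The sample configurations are constructed; the two-space indentation of subcommands and the "ip access-list" definition lines are assumptions about the layout of the saved configuration.

```python
import re

MAX_NAME_LEN = 64  # name length limit from the Syntax Description

# Constructed sample configurations, not captured from a real switch.
SAMPLE_PROTECTED = """\
ip access-list ozi2
  10 permit tcp 192.0.2.0/24 any eq 22
line console
line vty
  access-class ozi2 in
"""
SAMPLE_UNPROTECTED = """\
line console
line vty
  exec-timeout 15
"""

def vty_access_classes(config_text):
    """Return {direction: acl_name} for access-class lines under 'line vty'."""
    bound, in_vty = {}, False
    for line in config_text.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blank lines and comments
        if not line[0].isspace():
            # A non-indented line opens a new top-level section.
            in_vty = line.split()[:2] == ["line", "vty"]
            continue
        m = re.fullmatch(r"\s+access-class\s+(\S+)\s+(in|out)\s*", line)
        if in_vty and m:
            bound[m.group(2)] = m.group(1)
    return bound

def audit_vty(config_text):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    defined = set(re.findall(r"^ip access-list (\S+)", config_text, re.M))
    bound = vty_access_classes(config_text)
    if "in" not in bound:
        findings.append("line vty has no inbound access-class")
    for direction, name in sorted(bound.items()):
        if len(name) > MAX_NAME_LEN or '"' in name:
            findings.append(f"ACL name on '{direction}' breaks naming rules: {name!r}")
        if name not in defined:
            findings.append(f"access-class '{direction}' names undefined ACL {name}")
    return findings

if __name__ == "__main__":
    for label, cfg in (("protected", SAMPLE_PROTECTED), ("unprotected", SAMPLE_UNPROTECTED)):
        print(label, audit_vty(cfg) or "OK")
```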
 

Related Commands

Command                       Description
ip access-class               Configures an IPv4 access class.
show access-class             Displays the access classes configured on the switch.
show line                     Displays the access lists for a particular terminal line.
show running-config aclmgr    Displays the running configuration of ACLs.
ssh                           Starts an SSH session using IPv4.
telnet                        Starts a Telnet session using IPv4.