Filter
Top Products
Chapter 10: Using the Command Line Interface
276
Adding a Role-Based Access Control Rule
Depending on where you want to add a new rule in the list, the command
syntax for adding a rule varies.
IPv4 commands
To add a new rule to the bottom of the IPv4 rules list, use this
command syntax:
config:#
security roleBasedAccessControl ipv4 rule add <start_ip> <end_ip> <role>
<policy>
To add a new IPv4 rule by inserting it above or below a specific
rule, use this command syntax:
config:#
security roleBasedAccessControl ipv4 rule add <start_ip> <end_ip> <role>
<policy> <insert> <rule_number>
IPv6 commands
To add a new rule to the bottom of the IPv6 rules list, use this
command syntax:
config:#
security roleBasedAccessControl ipv6 rule add <start_ip> <end_ip> <role>
<policy>
To add a new IPv6 rule by inserting it above or below a specific
rule, use this command syntax:
config:#
security roleBasedAccessControl ipv6 rule add <start_ip> <end_ip> <role>
<policy> <insert> <rule_number>
Variables:
<start_ip> is the starting IP address.
<end_ip> is the ending IP address.
<role> is the role for which you want to create an access control rule.
<policy> is one of the options: allow or deny.
Policy
Description
allow
Accepts traffic from the specified IP address
range when the user is a member of the specified
role