Refer to the exhibit. An engineer must configure router R1 to allow only NETCONF connections from the management VLAN. Which command completes this configuration?
Refer to the exhibit. An engineer must configure router R1 to allow only NETCONF connections from the management VLAN. Which command completes this configuration?
The command to complete the configuration and permit only NETCONF connections from the management VLAN is 'netconf-yang ipv4 access-list name netconfacl'. This command specifically applies an access control list (ACL) to NETCONF connections, ensuring that only the specified sources (in this case, the management VLAN) can initiate NETCONF sessions. The other options either do not apply directly to NETCONF, involve incorrect interfaces, or unrelated command structures.
It's B see https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1612/b_1612_programmability_cg/netconf_and_restconf_service_level_acls.pdf
B, but it is missing the 'ssh' keyword : netconf-yang ssh {{ipv4 | ipv6 }access-list name access-list-name} | port port-number}
: Configuring an ACL for a NETCONF Session Device# enable Device# configure terminal Device(config)# ip access-list standard acl1_permit Device(config-std-nacl)# permit 192.168.255.0 0.0.0.255 Device(config-std-nacl)# deny any Device(config-std-nacl)# exit Device(config)# netconf-yang ssh ipv4 access-list name acl1_permit Device(config)# end
it´s B
In a typical scenario where the goal is to restrict NETCONF connections from a specific VLAN (such as the management VLAN), using an access control list (ACL) applied outbound on the interface connected to that VLAN is a common approach.
enable 2. configure terminal 3. • ip access-list {standard | extended} access-list-name • ipv6 access-list access-list-name 4. permit {host-address | host-name | any} [wildcard] 5. deny {host-address | host-name | any} [wildcard] 6. exit 7. netconf-yang ssh {{ipv4 | ipv6 }access-list name access-list-name} | port port-number} 8. end go study