You are here: Nessus Manager and Professional > User Management Commands > Add a User > Network and Port Rules

TOC & Recently Viewed

Recently Viewed Topics

Network and Port Rules

To configure Nessus network scanning rules, the syntax is the following:

accept|reject address/netmask:ports

The address/netmask is in CIDR notation. For example, this will not let a user scan any IP address in the /24 (standard class C) network:


For example, this will let a user scan any IP address in the /8 (standard class A) network:


Additionally, you can define ports or a port range to be allowed or denied certain ports. For example, to forbid connecting to port 80 for


For example, to allow connecting to ports 8000 - 10000 for any host in the subnet:


Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.