Cisco Cisco Packet Data Gateway (PDG) Fehlerbehebungsanleitung
Access Control Lists
Configuring ACLs on the System ▀
Cisco ASR 5000 Series Enhanced Feature Configuration Guide ▄
OL-22983-01
Notes:
Use the information provided in the
comprise the ACL. For more information, refer ACL Configuration Mode Commands in Command Line
Interface Reference.
Interface Reference.
The maximum number of rules that can be configured per ACL varies depending on how the ACL is to be used.
For more information, refer Engineering Rules in System Administration Guide.
Caution:
Unless configured to do otherwise, the system implicitly adds a ―deny any‖ rule to the end of the ACL
resulting in the packet being dropped if it does not match any other configured rule. This behavior can be changed by
adding a ―permit any‖ rule as the last rule in the ACL.
adding a ―permit any‖ rule as the last rule in the ACL.
Configuring an “Undefined” ACL
As discussed previously in this chapter the system uses an ―undefined‖ ACL mechanism for filtering the packet(s) in the
event that an ACL that has been applied is not present. This scenario is likely the result of a mis-configuration such as
the ACL name being mis-typed during the configuration process.
event that an ACL that has been applied is not present. This scenario is likely the result of a mis-configuration such as
the ACL name being mis-typed during the configuration process.
For these scenarios, the system provides an ―undefined‖ ACL that acts as a default filter for all packets into the context.
The default action is to ―permit all‖.
The default action is to ―permit all‖.
To modify the default behavior for unidentified ACLs, use the following configuration:
Notes: