Cisco Cisco Packet Data Interworking Function (PDIF) Guía Para Resolver Problemas
Access Control Lists
▀ Applying IP ACLs
▄ Cisco ASR 5000 Series Enhanced Feature Configuration Guide
OL-22983-01
Packet coming from the packet data network to the mobile node (right to left)
Order Description
1
An inbound ACL configured for the receiving interface configured in the Destination Context is applied.
2
An outbound ACL configured for the subscriber (either the specific subscriber or for any subscriber facilitated by the
context) is applied. The packet is then forwarded to the Source Context.
context) is applied. The packet is then forwarded to the Source Context.
3
A context ACL (policy ACL) configured in the Source Context is applied prior to forwarding.
4
An outbound ACL configured on the interface in the Source Context through which the packet is being forwarded is
applied to the tunneled data (i.e. the outer IP header).
applied to the tunneled data (i.e. the outer IP header).
In the event that an IP ACL is applied that has not been configured (i.e. the name of the applied ACL was configured
incorrectly), the system uses an ―undefined‖ ACL mechanism for filtering the packet(s).
incorrectly), the system uses an ―undefined‖ ACL mechanism for filtering the packet(s).
This section provides information and instructions for applying ACLs and for configuring an ―undefined‖ ACL.
Applying an ACL to an Individual Interface
This section provides information and instructions for applying one or more ACLs to an individual interface configured
on the system.
on the system.
Important:
It is recommended that all ACLs be configured and verified according to the instructions in the
Important:
This section provides the minimum instruction set for applying the ACL list to an interface on the
system. For more information on commands that configure additional parameters and options, refer Ethernet Interface
Configuration Mode Commands chapter in Command Line Interface Reference.
Configuration Mode Commands chapter in Command Line Interface Reference.
To configure the system to provide ACL facility to subscribers:
Step 1
Apply the configured access control list by applying the example configuration in the
section.
Step 2
Verify that ACL is applied properly on interface by following the steps in the
Step 3
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Applying ACL to Interface
To apply the ACL to an interface, use the following configuration: