Cisco Cisco Packet Data Gateway (PDG) Guía De Administador
Access Control Lists
Configuring ACLs on the System ▀
Cisco ASR 5000 System Administration Guide ▄
239
Configuring ACLs on the System
This section describes how to configure ACLs.
Important:
This section provides the minimum instruction set for configuring access control list on the system.
For more information on commands that configure additional parameters and options, refer to the ACL Configuration
Mode Commands and IPv6 ACL Configuration Mode Commands chapters in the Command Line Interface Reference.
Mode Commands and IPv6 ACL Configuration Mode Commands chapters in the Command Line Interface Reference.
To configure the system to provide an access control list facility to subscribers:
Step 1
Step 2
Step 3
Optional. The system provides an “undefined” ACL that acts as a default filter for all packets into the context. The
default action is to “permit all”. Modify the default configuration for “unidentified” ACLs for by following the example
configuration in
default action is to “permit all”. Modify the default configuration for “unidentified” ACLs for by following the example
configuration in
Step 4
Step 5
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
Creating ACLs
To create an ACL, enter the following command sequence from the Exec mode of the system CLI:
configure
context acl_ctxt_name [ -noconfirm ]
( ip | ipv6 } access-list acl_list_name
end
Notes:
The maximum number of ACLs that can be configured per context is limited by the amount of available memory
in the VPN Manager software task. Typically, the maximum is less than 200.