Cisco Cisco Packet Data Interworking Function (PDIF)
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
Access Control Lists
Applying IP ACLs ▀
ASR 5000 System Administration Guide, StarOS Release 16 ▄
253
Verifying the ACL Configuration to the Subscriber Named default
These instructions are used to verify the ACL configuration.
Step 1
Verify that your ACL lists were applied properly by entering the following command in Exec Mode:
show configuration context context_name
context_name is the name of the context containing the subscriber default to which the ACL(s) was/were applied.
The output of this command displays the configuration of the entire context. Examine the output for the commands
pertaining to interface configuration. The commands display the ACL(s) applied using this procedure.
pertaining to interface configuration. The commands display the ACL(s) applied using this procedure.
configure
context context_name
ip access-list acl_name
deny host ip_address
deny ip any host ip_address
exit
ip access-group access_group_name
service-redundancy-protocol
exit
interface interface
ip address ip_address/mask
exit
subscriber name default
ip access-group access_group_name in
ip access-group access_group_name out
exit
aaa group default
exit
gtpp group default
exit
content-filtering server-group cfsg_name
response-timeout response_timeout
connection retry-timeout retry_timeout
end
context context_name
ip access-list acl_name
deny host ip_address
deny ip any host ip_address
exit
ip access-group access_group_name
service-redundancy-protocol
exit
interface interface
ip address ip_address/mask
exit
subscriber name default
ip access-group access_group_name in
ip access-group access_group_name out
exit
aaa group default
exit
gtpp group default
exit
content-filtering server-group cfsg_name
response-timeout response_timeout
connection retry-timeout retry_timeout
end
Applying an ACL to Service-specified Default Subscriber
This section provides information and instructions for applying an ACL to the subscriber to be used as the “default”
profile by various system services.
profile by various system services.
Important:
This section provides the minimum instruction set for applying the ACL list to all traffic within a
context. For more information on commands that configure additional parameters and options, refer to the Subscriber
Configuration Mode Commands chapter in the Command Line Interface Reference.
Configuration Mode Commands chapter in the Command Line Interface Reference.
To configure the system to provide access control list facility to subscribers:
Step 1