Cisco Cisco Packet Data Gateway (PDG) Guida Dell'Amministratore
Access Control Lists
Applying IP ACLs ▀
Cisco ASR 5000 System Administration Guide ▄
251
aaa group default
exit
gtpp group default
exit
content-filtering server-group cfsg_name
response-timeout response_timeout
connection retry-timeout retry_timeout
end
exit
gtpp group default
exit
content-filtering server-group cfsg_name
response-timeout response_timeout
connection retry-timeout retry_timeout
end
Applying an ACL to Service-specified Default Subscriber
This section provides information and instructions for applying an ACL to the subscriber to be used as the “default”
profile by various system services.
profile by various system services.
Important:
This section provides the minimum instruction set for applying the ACL list to all traffic within a
context. For more information on commands that configure additional parameters and options, refer to the Subscriber
Configuration Mode Commands chapter in the Command Line Interface Reference.
Configuration Mode Commands chapter in the Command Line Interface Reference.
To configure the system to provide access control list facility to subscribers:
Step 1
Step 2
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
Applying an ACL to Service-specified Default Subscriber
To apply the ACL to a service-specified Default subscriber, use the following configuration:
configure
context acl_ctxt_name [ -noconfirm ]
{ pdsn-service | fa-service | ha-service } service_name
default subscriber svc_default_subs_name
exit
subscriber name svc_default_subs_name
{ ip | ipv6 } access-group acl_list_name [ in | out ]
end
Notes:
The context name is the name of the ACL context containing the interface to which the ACL is to be applied.
If neither the
in
nor the
out
keyword is specified, the ACL will be applied to all inbound and outbound packets.