Access Control Lists
Important
To configure the system to provide access control list facility to subscribers:
Step 1
Apply the configured access control list by following the example configuration in
Named default, on page
Step 2
Verify that the ACL is applied properly on interface by following the steps in
Service-specified Default Subscriber, on page
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.
Applying an ACL to Service-specified Default Subscriber
To apply the ACL to a service-specified Default subscriber, use the following configuration:
configure
context acl_ctxt_name [ -noconfirm ]
Notes:
• The context name is the name of the ACL context containing the interface to which the ACL is to be
• If neither the in nor the out keyword is specified, the ACL will be applied to all inbound and outbound
• The ACL to be applied must be configured in the context specified by this command.
• Up to eight ACLs can be applied to a group provided that the number of rules configured within the
Verifying the ACL Configuration to Service-specified Default Subscriber
To verify the ACL configuration.
Verify that your ACL lists were applied properly by entering the following command in Exec Mode:
host_name
[local]
This section provides the minimum instruction set for applying the ACL list to all traffic within a context.
For more information on commands that configure additional parameters and options, refer to the Subscriber
Configuration Mode Commands chapter in the Command Line Interface Reference.
259.
{ pdsn-service | fa-service | ha-service } service_name
default subscriber svc_default_subs_name
exit
subscriber name svc_default_subs_name
{ ip | ipv6 } access-group acl_list_name [ in | out ]
end
applied.
packets.
ACL(s) does not exceed the 128-rule limit for the interface.
show configuration context context_name
#
Applying an ACL to Service-specified Default Subscriber
261.
ASR 5500 System Administration Guide, StarOS Release 21.4
Applying an ACL to the Subscriber
Verifying the ACL Configuration to
261