Verifying The Acl Configuration; Applying Ip Acls - Cisco ASR 5000 Administration Manual

Verifying the ACL Configuration

• Context name is the name of the context containing the "undefined" ACL to be modified. For more
Verifying the ACL Configuration
To verify the ACL configuration, enter the Exec mode show { ip | ipv6 } access-list command.
The following is a sample output of this command. In this example, an ACL named acl_1 was configured.
ip access list acl_1
deny host 10.2.3.4
deny ip any host 10.2.3.4
permit any 10.2.4.4
1 ip access-lists are configured.

Applying IP ACLs

Once an ACL is configured, it must be applied to take effect.
Important
As discussed earlier, you can apply an ACL to any of the following:
•
•
•
•
•
Important
ASR 5000 System Administration Guide, StarOS Release 21.1
234
information, refer to the Context Configuration Mode Commands chapter in the Command Line Interface
Reference.
All ACLs should be configured and verified according to the instructions in the
System, on page 232 prior to beginning these procedures. The procedures described below also assume
that the subscribers have been previously configured.
Applying an ACL to an Individual Interface, on page 236
Applying an ACL to All Traffic Within a Context, on page 238
Applying an ACL to an Individual Subscriber, on page 240
Applying a Single ACL to Multiple Subscribers, on page 244
Applying a Single ACL to Multiple Subscribers, on page 244
ACLs must be configured in the same context in which the subscribers and/or interfaces to which they
are to be applied. Similarly, ACLs to be applied to a context must be configured in that context.
Access Control Lists
Configuring ACLs on the
(known as a policy ACL)
(for 3GPP subscribers only)