Configuring Access-Control Lists - Cisco ASR 9000 Series Configuration Manual

Configuring Access-Control Lists

Configuring Access-Control Lists
Perform this task to create an access control list. As an example, this access list is created to deploy ABF;
therefore, it defines the next hop address.
SUMMARY STEPS
1. configure
2. {ipv4} access-list access-list-name
3. sequence-number permit tcp any any
4. sequence-number permit {ipv4} host source_address nexthop source_address destination_address
5. Use the commit or end command.
DETAILED STEPS
Command or Action
Step 1
configure
Example:
RP/0/RSP0/CPU0:router# configure
Step 2 {ipv4} access-list access-list-name
Example:
RP/0/RSP0/CPU0:router(config)# ipv4
access-list foo_in
Step 3 sequence-number permit tcp any any
Example:
RP/0/RSP0/CPU0:router(config)# 10 permit tcp
any any
Step 4 sequence-number permit {ipv4} host source_address
nexthop source_address destination_address
Example:
RP/0/RSP0/CPU0:router(config)# 10 permit ipv4
host 9.8.8.9 nexthop 6.6.6.6 7.7.7.7
Step 5 Use the commit or end command.
Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide,
Release 4.2.x
130
Purpose
Enters global configuration mode.
Configures the access-list.
Enters an access control list rule to tcp traffic.
Specifies packets to forward on ipv4 protocol from source IP
address to destination IP address.
Repeat steps 1 to 4 to configure the foo_out
Note
access-list.
commit—Saves the configuration changes and remains within
the configuration session.
end—Prompts user to take one of these actions:
• Yes— Saves configuration changes and exits the
configuration session.
Configuring Subscriber Features
OL-26148-02