Configuring ACL
To apply the ACL to individual subscriber through APN, use the following configuration:
configure
context dest_context_name [ -noconfirm ]
{ ip | ipv6 } access-list acl_list_name
{ permit | deny | redirect }acl
end
configure
apn apn_name
{ ip | ipv6 } access-group acl_list_name [ in | out ]
end
Notes:
-
The ACL to be applied must be in the destination context of the APN (which can be different from the context where the APN is configured).
-
If neither the in nor the out keyword is specified, the ACL will be applied to all inbound and outbound packets.
-
Four access-groups can be applied for each APN, for example:
ip access-group acl_list_name_1 in
ip access-group acl_list_name_2 out
ipv6 access-group acl_list_name_3 in
ipv6 access-group acl_list_name_4 out