Configuring ISG Control Policies
How to Configure an ISG Control Policy
5
16. match no-username {no | yes}
17. match protocol {atom | ip | pdsn | ppp | vpdn}
18. match service-name {service-name | regexp regular-expression}
19. match source-ip-address ip-address subnet-mask
20. match timer {timer-name | regexp regular-expression}
21. match tunnel-name {tunnel-name | regexp regular-expression}
22. match unauthenticated-domain {domain-name | regexp regular-expression}
23. match unauthenticated-username {username | regexp regular-expression}
24. match vrf {vrf-name | regexp regular-expression}
DETAILED STEPS
Command or Action Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
• Enter your password if prompted.
Step 2
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3
class-map type control [match-all | match-any |
match-none] class-map-name
Example:
Router(config)# class-map type control
match-all class1
Creates or modifies a control class map, which defines the
conditions under which the actions of a control policy map
will be executed and enters control class-map configuration
mode.
Step 4
available {authen-status | authenticated-domain
| authenticated-username | dnis | media |
mlp-negotiated | nas-port | no-username |
protocol | service-name | source-ip-address |
timer | tunnel-name | unauthenticated-domain |
unauthenticated-username}
Example:
Router(config-control-classmap)# available
nas-port
(Optional) Enters control class map mode. Creates a
condition that evaluates true if the specified subscriber
identifier is locally available.
Step 5
greater-than [not] nas-port {[adapter
adapter-number] [channel channel-number]
[ipaddr ip-address] [port port-number] [shelf
shelf-number] [slot slot-number] [sub-interface
sub-interface-number] [type interface-type]
[vci vci-number] [vlan vlan-id] [vpi
vpi-number]}
Example:
Router(config-control-classmap)# greater-than
nas-port type atm vpi 200 vci 100
(Optional) Creates a condition that evaluates true if the
subscriber network access server (NAS) port identifier is
greater than the specified value.
To Next Page
Loading...
Need help?
General