Thank you I will try this and see if it works.. SRS Level 2 SRS Implementation Team Cell phone# 720-840-4887 SUN PH# 303-272-2661 Virtual Office# 303-604-0037 [EMAIL PROTECTED] [EMAIL PROTECTED]
-----Original Message----- From: Kam Chris [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 12:01 PM To: [EMAIL PROTECTED] Subject: RE: Access-list ?? [7:71696] Craig, The problem as I see it is you need to allow 50 hosts, to pass through an ACL but the 50 hosts you want to pass are difficult to "mask out" with a simple ACL. The previous answers provided might be correct but are a little more than I believe you are looking for. You are not trying to filter on source AND destination address and do not need to filter by protocol, just source, so I recomend a standard access-list, like I have listed below. There are several ways to "slice it up" here is just one. access-list 10 deny host 192.100.34.97 access-list 10 deny host 192.100.34.98 access-list 10 deny host 192.100.34.99 access-list 10 deny host 192.100.34.151 access-list 10 deny host 192.100.34.152 access-list 10 deny 192.100.34.153 0.0.0.7 access-list 10 permit 192.100.34.97 0.0.0.31 access-list 10 permit host 192.100.34.127 access-list 10 permit host 192.100.34.128 access-list 10 permit 192.100.34.129 0.0.0.31 If it's an option, you might want to consider re-addressing to better align your host addresses with a subnet boundary. For example, 192.100.34.65 0.0.0.63 covers hosts 65-126 (62 hosts) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71794&t=71696 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]