Hi Piotr In the Yusuf practice labs, "10.*" has been used in the NAR to restrict an user profile for 10.0.0.0/8 network.
With regards Kings On Mon, May 24, 2010 at 6:44 PM, Piotr Matusiak <[email protected]> wrote: > Gents, > > The ranges do not work. However, some of "advanced" patterns work well i.e. > "permit 10\.20\.1[234]*\.1". I think that only those regular expressions > which are described in the documentation are supported. Hence, IMO only > those should be tested on the lab. > > Anyway, one more thing is important here. The pattern like "permit > 10.20.30.*" is NOT proper as you simply use "." (dot) for matching. The > correct one should be "permit 10\.20\.30\..*" > > HTH, > Piotr > > > 2010/5/22 Tyson Scott <[email protected]> > > Kingsley, >> >> >> >> Test with the regular expression. I am not sure. There are some things >> you can and can't do with this. This topic came up on groupstudy and I >> don't remember the full results but I seem to recall ranges don't work but >> the asterisk does. Double check. I wish I could remember the restrictions >> but it is escaping my memory right now. I will have to go back and test. >> >> >> >> Regards, >> >> >> >> Tyson Scott - CCIE #13513 R&S, Security, and SP >> >> Technical Instructor - IPexpert, Inc. >> >> Mailto: [email protected] >> >> Telephone: +1.810.326.1444, ext. 208 >> >> Live Assistance, Please visit: www.ipexpert.com/chat >> >> eFax: +1.810.454.0130 >> >> >> >> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, >> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco >> CCIE (R&S, Voice, Security & Service Provider) certification(s) with >> training locations throughout the United States, Europe, South Asia and >> Australia. Be sure to visit our online communities at >> www.ipexpert.com/communities and our public website at www.ipexpert.com >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Kingsley >> Charles >> *Sent:* Saturday, May 22, 2010 12:15 PM >> *To:* Piotr Matusiak >> *Cc:* [email protected] >> *Subject:* Re: [OSL | CCIE_Security] Range of IP addresses in Shell >> authorization commands >> >> >> >> OK thus we use regex. >> >> Thx Piotr >> >> With regards >> Kings >> >> On Sat, May 22, 2010 at 6:21 PM, Piotr Matusiak <[email protected]> wrote: >> >> I think this is just pattern matching so below should work as well: >> >> permit 10\.20\.30\.[40-50] >> >> >> 2010/5/22 Kingsley Charles <[email protected]> >> >> Hi all >> >> If I need to authorize a range of IP address 10.20.30.0/24 for telnet, I >> did the following and it worked >> >> In the ACS, I configured the following: >> >> Command - telnet >> Arguments - permit 10.20.30.* >> >> >> Any other ways, like subnets masks or wild card masks >> >> >> With regards >> Kings >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> >> >> >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
