This depends on the task wording. If they ask for specific IP address you should use "\." IMO. For example when you have "permit 1.1.1.*" it will also match IP address of 101.1.1.1 and many more.
Cheers, Piotr 2010/5/24 Kingsley Charles <[email protected]> > Hi Piotr > > In the Yusuf practice labs, "10.*" has been used in the NAR to restrict an > user profile for 10.0.0.0/8 network. > > > With regards > Kings > > > On Mon, May 24, 2010 at 6:44 PM, Piotr Matusiak <[email protected]> wrote: > >> Gents, >> >> The ranges do not work. However, some of "advanced" patterns work well >> i.e. "permit 10\.20\.1[234]*\.1". I think that only those regular >> expressions which are described in the documentation are supported. Hence, >> IMO only those should be tested on the lab. >> >> Anyway, one more thing is important here. The pattern like "permit >> 10.20.30.*" is NOT proper as you simply use "." (dot) for matching. The >> correct one should be "permit 10\.20\.30\..*" >> >> HTH, >> Piotr >> >> >> 2010/5/22 Tyson Scott <[email protected]> >> >> Kingsley, >>> >>> >>> >>> Test with the regular expression. I am not sure. There are some things >>> you can and can't do with this. This topic came up on groupstudy and I >>> don't remember the full results but I seem to recall ranges don't work but >>> the asterisk does. Double check. I wish I could remember the restrictions >>> but it is escaping my memory right now. I will have to go back and test. >>> >>> >>> >>> Regards, >>> >>> >>> >>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>> >>> Technical Instructor - IPexpert, Inc. >>> >>> Mailto: [email protected] >>> >>> Telephone: +1.810.326.1444, ext. 208 >>> >>> Live Assistance, Please visit: www.ipexpert.com/chat >>> >>> eFax: +1.810.454.0130 >>> >>> >>> >>> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, >>> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco >>> CCIE (R&S, Voice, Security & Service Provider) certification(s) with >>> training locations throughout the United States, Europe, South Asia and >>> Australia. Be sure to visit our online communities at >>> www.ipexpert.com/communities and our public website at www.ipexpert.com >>> >>> >>> >>> *From:* [email protected] [mailto: >>> [email protected]] *On Behalf Of *Kingsley >>> Charles >>> *Sent:* Saturday, May 22, 2010 12:15 PM >>> *To:* Piotr Matusiak >>> *Cc:* [email protected] >>> *Subject:* Re: [OSL | CCIE_Security] Range of IP addresses in Shell >>> authorization commands >>> >>> >>> >>> OK thus we use regex. >>> >>> Thx Piotr >>> >>> With regards >>> Kings >>> >>> On Sat, May 22, 2010 at 6:21 PM, Piotr Matusiak <[email protected]> wrote: >>> >>> I think this is just pattern matching so below should work as well: >>> >>> permit 10\.20\.30\.[40-50] >>> >>> >>> 2010/5/22 Kingsley Charles <[email protected]> >>> >>> Hi all >>> >>> If I need to authorize a range of IP address 10.20.30.0/24 for telnet, I >>> did the following and it worked >>> >>> In the ACS, I configured the following: >>> >>> Command - telnet >>> Arguments - permit 10.20.30.* >>> >>> >>> Any other ways, like subnets masks or wild card masks >>> >>> >>> With regards >>> Kings >>> >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >>> >>> >>> >>> >>> >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
