223 would work for all numbers 0-31, 64-95, 128-159, and 192-223, but as you
see would skip all sequences where the 32 it is 1. This is a very valid WC
mask (they don't follow the rules of SN masks), but still doesn't match the
entire scenario. I do agree, however, with 4 lines. 3 if you don't count
the "any any" permit statement.
From: Jeremy Felt [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 16, 2001 3:05 PM
To: [EMAIL PROTECTED]
Subject: Re: Access List problem. [7:12525]
After thinking on it a bit more, the wildcard mask I would use if it were
legal would be 0.0.223.255
This seems to accomplish the task, though according to my knowledge, it's
not useable. So now I'm with Allen in 4 lines, not 3.
- Jeremy Felt
[EMAIL PROTECTED]
----- Original Message -----
From: "Jeremy Felt"
To:
Sent: Monday, July 16, 2001 4:22 PM
Subject: Re: Access List problem. [7:12525]
...[snip message].....
> In order for the second statement to be taken out, the third statement
needs
> to be modified so that traffic from "172.22.32.0-172.22.255.255" is denied
> access to any nodes from "192.168.18.64-192.168.18.127". I don't know if
> this can be done by using a wildcard mask though, and I'm not able to
figure
> it out.
>
> Sorry about the length, hopefully somebody can post the correct answer
this
> time. :-p
>
> - Jeremy Felt
> [EMAIL PROTECTED]
>
>
> ----- Original Message -----
> From: "no mail"
> To:
> Sent: Monday, July 16, 2001 3:41 PM
> Subject: Re: Access List problem. [7:12525]
>
>
> > I like Jeremy's answer. It seems like the permit all at the end makes
> > everything else except the denies redundant.
> >
> >
> > ""Jeremy Felt"" wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I have a familiar feeling that I'm going to be completely off on this
> one,
> > > but hopefully the correct answer will be posted so I can figure out
why.
> > >
> > > As long as the correct "deny" statements are there, it seems to me
that
> > the
> > > other "permit" statements would be redundant when used with the
"permit
> > all"
> > > statement at the end.....
> > >
> > > access-list 101 deny ip 172.22.30.0 0.0.0.255 192.168.18.27 0.0.0.0
> > > access-list 101 deny ip 172.22.0.0 0.0.255.255 192.168.18.64 0.0.0.63
> > > access-list 101 permit ip 0.0.0.0 255.255.255.255 0.0.0.0
> 255.255.255.255
> > >
> > >
> > > Looking forward to the answer,
> > >
> > > - Jeremy Felt
> > > [EMAIL PROTECTED]
> > >
> > >
> > > ----- Original Message -----
> > > From: "Robert Fowler"
> > > To:
> > > Sent: Monday, July 16, 2001 2:05 PM
> > > Subject: Access List problem. [7:12525]
>
> ...[snipped message]...
>
> > > > access-list 101 permit ip 172.22.30.6 0.0.0.0 10.0.0.0 0.255.255.255
> > > > access-list 101 permit ip 172.22.30.95 0.0.0.0 10.11.12.0 0.0.0.255
> > > > access-list 101 deny ip 172.22.30.0 0.0.0.255 192.168.18.27 0.0.0.0
> > > > access-list 101 permit ip 172.22.0.0 0.0.31.255 192.168.18.0
0.0.0.255
> > > > access-list 101 deny ip 172.22.0.0 0.0.255.255 192.168.18.64
0.0.0.63
> > > > access-list 101 permit ip 0.0.0.0 255.255.255.255 0.0.0.0
> > 255.255.255.255
> > > >
> > > > Have fun...
> > > >
> > > >
> > > > Thank You,
> > > > Robert Fowler
Privileged/Confidential Information may be contained in this message or
attachments hereto. Please advise immediately if you or your employer do
not consent to Internet email for messages of this kind. Opinions,
conclusions and other information in this message that do not relate to the
official business of this company shall be understood as neither given nor
endorsed by it.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=12553&t=12525
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
