He wants to block the range 128.252.0.0-128.252.240.0 and permit all else.
access-list 1 deny 128.252.0.0 0.0.240.255
access-list 1 permit any
I have a CCIE and a sniffer instructor sitting next to me and they verified
that the above commands work for blocking the range and permitting
everything else.
----- Original Message -----
From: Ayers, Michael
To: 'fgh' ;
Sent: Tuesday, July 24, 2001 3:04 PM
Subject: RE: access list.. [7:13564]
> That should be 0.0.15.255, but that allows 240, and you have it backwards,
> you need to permit the first line (access-list 1 deny 128.252.0.0
> 0.0.15.255), and then deny the class b , then permit all else
>
> -----Original Message-----
> From: fgh [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 24, 2001 1:02 PM
> To: [EMAIL PROTECTED]
> Subject: Re: access list.. [7:13564]
>
> access-list 1 deny 128.252.0.0 0.0.240.255
> access-list 1 permit any
>
> the 1st line blocks that range and the 2nd line allows all other traffic
>
>
> i think? not positive though
>
>
> ----- Original Message -----
> From: Farhan Ahmed
> To:
> Sent: Tuesday, July 24, 2001 1:28 PM
> Subject: access list.. [7:13564]
>
>
> > What mask would be used if you want to create an
> > access list where the IP addresses (128.252.0.0 to
> > 128.252.240.0) would be blocked
> > pls support with explanation,
> Privileged/Confidential Information may be contained in this message or
> attachments hereto. Please advise immediately if you or your employer do
> not consent to Internet email for messages of this kind. Opinions,
> conclusions and other information in this message that do not relate to
the
> official business of this company shall be understood as neither given nor
> endorsed by it.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13604&t=13564
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
