I don't think you want to use the 'host' command when specifying a subnet. Try this:
access-list acl_out permit tcp 212.113.2.0 255.255.255.0 host 124.49.114.6 eq ftp -Eric -----Original Message----- From: John Zei [mailto:[EMAIL PROTECTED]] Sent: Monday, October 22, 2001 12:32 PM To: [EMAIL PROTECTED] Subject: PIX subnet access-lists [7:23797] Does anyone know the access-list command that would allow an entire subnet into an ftp site. Here are some examples of what I've tried: access-list acl_out permit tcp host 212.113.2.0 255.255.255.0 host 124.49.114.6 eq ftp access-list acl_out permit tcp host 212.113.2.0 255.255.255.0 host 124.49.114.6 255.255.255.255 eq ftp Neither of these worked. Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=23800&t=23797 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
