Couldn't you just use the wildcard mask 0.0.4.255 to deny 192.17.73.0 - 192.17.77.0? I used the Boson wildcard mask calculator to check this, and it gave me those networks.
""Andrew Larkins"" wrote in message news:[EMAIL PROTECTED] > the first access-list will not work. > The second one will also deny networks 192.17.72.0 and 78.0 as well as 79.0 > - > You are correct about zeros must make at 1's are don't care, but you need to > understand the basic of subnetting. A 248.0 subnet mask means 8 "Class C" > subnets. You have to start at a valid network address which in this case is > 192.17.72.0 > > Router(config)#access-list 11 deny 192.17.73.0 0.0.7.255 > Router#sho access-list 11 > Standard IP access list 11 > deny 192.17.72.0, wildcard bits 0.0.7.255 > > > Notice that it fixes your mistake for you. > > Regards > > Andrew > CCNP, CCDP, CSS1 > > -----Original Message----- > From: Jason Steig [mailto:[EMAIL PROTECTED] > Sent: 25 February 2003 16:26 > To: [EMAIL PROTECTED] > Subject: new access list problem [7:63715] > > > Hello i networks 192.17.73.0 - 192.17.77.0 > > is there anyway to deny these networks with one entry in an access list? > > > such as deny 192.17.73.0 0.0.248.255? > > is this going to deny these networks? it's also going to black hole several > other networks though. Or does the list have to be > > deny 192.17.73.0 0.0.7.255 ? > > i thought zeros must match and ones we don't care. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63742&t=63715 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
