Allowing host on /24 subnet

Mokhalil82
Level 4

Hi

This may be a bit of a simple one, but my understanding is slightly different from a colleague's.

So if I was to allow 2 hosts on a firewall rule that are part of a /24 subnet, my take is I need to allow 10.10.10.51/32 and 10.10.10.52/32, which is something I have always done for hosts.

However, my colleague thinks allowing 10.10.10.51/24 and 10.10.10.52/24 achieves the same, in that it will still only allow the 2 hosts and not the entire subnet.

I explained to him that a /24 mask means the last octet is not considered, so it will allow the whole subnet. He thinks otherwise.

Who is correct? I know I am correct, but is he also correct in any sense?

Accepted Solutions

luis_cordova
VIP Alumni

Well, @Mokhalil82,

Effectively, if you allow the mask /24, you are allowing the entire last octet.

If you want to allow only 2 hosts, it is best to do it by host, as you 

 

Regards


balaji.bandi
Hall of Fame

If you want to allow only 2 hosts, then I suggest using host entries rather than the subnet.

BB
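The difference between the two notations discussed in this thread, as an added example that is not part of any post: it shows what each source entry from the question actually matches and flags entries whose host bits are set under a shorter mask, which usually means a host entry was intended. The function names `audit_source` and `permits` are hypothetical, and the code assumes the firewall matches on the masked prefix as the answers describe (some platforms reject such entries instead of normalizing them).

```python
import ipaddress


def audit_source(entry: str) -> dict:
    """Describe what a rule source written as address/prefix really covers."""
    iface = ipaddress.ip_interface(entry)  # keeps the address exactly as typed
    net = iface.network                    # the prefix a mask-based match uses
    return {
        "entry": entry,
        "matches": str(net),
        "address_count": net.num_addresses,
        # Host bits set under a mask shorter than /32: the author probably
        # meant a single host, but the rule covers the whole prefix.
        "host_bits_set": iface.ip != net.network_address,
    }


def permits(entries, candidate: str) -> bool:
    """Return True if any source entry would match the candidate address."""
    ip = ipaddress.ip_address(candidate)
    return any(ip in ipaddress.ip_interface(e).network for e in entries)


if __name__ == "__main__":
    # Entries taken from the question; 10.10.10.200 is a constructed
    # address standing in for an unrelated host on the same subnet.
    colleague = ["10.10.10.51/24", "10.10.10.52/24"]
    by_host = ["10.10.10.51/32", "10.10.10.52/32"]

    for entry in colleague + by_host:
        info = audit_source(entry)
        note = "  <-- host bits set, covers whole prefix" if info["host_bits_set"] else ""
        print(f'{info["entry"]:>16} matches {info["matches"]:<16} '
              f'({info["address_count"]} addresses){note}')

    for name, rules in (("/24 entries", colleague), ("/32 entries", by_host)):
        print(f"{name}: 10.10.10.200 permitted = {permits(rules, '10.10.10.200')}")
```
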
