11-22-2013 03:11 PM - edited 03-11-2019 08:08 PM
Hello,
I have a server with IP address 172.22.94.224/22 and an ACL statement in one of the ASAs as follows "access-list 145 permit ip 172.22.94.224 0.0.0.31 any"
I got confused by the inverse mask address(0.0.0.31) and I would like some clarification.
Much appreciated.
Best, ~sK
Solved! Go to Solution.
11-22-2013 05:06 PM
0.0.0.31 is a mask that has 27 bits set to 0 (match) and five bits set to one (don't match). With that mask in the ACL you allow 32 addresses, in your case from 172.22.94.224 to 172.22.94.255.
Wildcardmasks are very good explained in the Wikipedia-article: http://en.wikipedia.org/wiki/Wildcard_mask
Sent from Cisco Technical Support iPad App
11-22-2013 04:38 PM
if that is really an ACL from an ASA, then it's probably wrong as the ASA doesn't use the inversed wildcardmask. The router-wildcard-mask of 0.0.0.31 would be 255.255.255.224 on the ASA.
Sent from Cisco Technical Support iPad App
11-22-2013 04:49 PM
Sorry, the inv mask is on the 4507 not the ASA. My question is what does this statement "
access-list 145 permit ip 172.22.94.224 0.0.0.31" mean?
Best, ~sK
11-22-2013 05:06 PM
0.0.0.31 is a mask that has 27 bits set to 0 (match) and five bits set to one (don't match). With that mask in the ACL you allow 32 addresses, in your case from 172.22.94.224 to 172.22.94.255.
Wildcardmasks are very good explained in the Wikipedia-article: http://en.wikipedia.org/wiki/Wildcard_mask
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide