Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
343
Views
0
Helpful
1
Replies

Issue modifying access-list on PIX 515E

bberry
Level 1
Level 1

‎03-26-2007 08:00 AM - edited ‎03-11-2019 02:51 AM

I have an access list that blocks the first part of a network outbound. This should block networks 1 thru 31. I am trying to replicate this line for an additional network but receive the message

ERROR: IP address,mask <172.17.0.0,255.240.0.0> doesn't pair

Here is the command that I am using :

access-list in-in line 6 extended deny ip any 172.17.0.0 255.240.0.0

Is there something that I am missing? The rule that I am tryig to match is

access-list in-in line 5 extended deny ip any 172.16.0.0 255.240.0.0

Ideas??

Labels:
0 Helpful
1 Reply 1

cpembleton
Level 4
Level 4

‎03-26-2007 09:06 AM

The 172.17.0.0 255.240.0.0 is part of the 172.16.0.0 255.240.0.0 subnet.

172.16.0.0 /12 = 172.16.0.0 - 172.31.255.255

You would be blocking the same part of the network. What networks are you trying to block?

Thanks,

Chad

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card