01-19-2015 08:15 PM - edited 03-03-2019 07:43 AM
Hi
What is the relevance of this command in the following context?
access-list 1 permit 0.0.0.0
!
interface g0/1
ip address 10.1.1.1 255.255.255.0
ip access-group 1 in
Thanks
01-19-2015 11:30 PM
Everything matching is allowed.
if you use access-list 1 permit 0.0.0.0
(if no mask defined then it will apply Implicit Masks as 0.0.0.0 mask applied which means exact match only)
which means that this is acting like a matching of default route only.
01-20-2015 11:01 AM
Thanks. So what does it really mean in terms of this access-list when you say matching a default route. This access list has been applied to an interface in the router. Does it mean that it will permit traffic from any source address?
Hilary
03-09-2015 12:21 PM
Hilary,
When defining a standard access list and do not include a wildcard mask, you are specifying a particular host address. For example:
access-list 1 permit 192.168.10.10
will only permit traffic sourced from the 192.168.10.10 IP address.
Following the example above, unless you have a host with an IP of 0.0.0.0, the access list you're providing is essentially equivalent to:
access-list 1 deny any
If you would like an in-depth look on ACLs, please check out this Cisco doc on access lists:
http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html#standacl
and read the section titled Standard ACLs.
Regards,
Eric Kang
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide