cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
157
Views
0
Helpful
3
Replies
Highlighted
Beginner

ACL issue

I have a small issue with ACL.

My local network are 10.2.1.0/24 and 10.2.2/24 , When i apply indise local NAT like below. It translate my 10.2.1.0/24 and 10.2.2/24 network sucessfuly.


ip access-list standard Nat_Traffic

permit 10.1.0.0 0.0.255.255

permit 10.2.0.0 0.0.255.255

 

As per my understanding NAT traffic  should be rejected because my network fall in different subnet.

Please correct me why my local network translated with that above NAT?

Please explain with small example,

Thanks

 

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advisor

Re: ACL issue

The subnet 10.2.0.0 /16 covers the IP range 10.2.0.0 - 10.2.255.255  , so within that range are your two /24's, each with the corresponding range:

10.2.1.0/24 = 10.2.1.0 - 10.2.1.255

10.2.2.0/24 = 10.2.2.0 - 10.2.2.255

 

 

...have a play around with http://www.subnet-calculator.com/ . If you are not familiar with IP subneting there are numerous online tutorials:

https://www.computernetworkingnotes.com/ccna-study-guide/subnetting-tutorial-subnetting-explained-with-examples.html

 

cheers,

Seb.

3 REPLIES 3
VIP Advisor

Re: ACL issue

Hi there,

This router NAT statement, so the ACL will use wildcard netmasks.

 

The ACE which matches your two local subnets is:

permit 10.2.0.0 0.0.255.255

 

...this is equivalent to 10.2.0.0/16 , which your two subnets are matched under.

 

cheers,

Seb.

 

Beginner

Re: ACL issue

but my subnet mask are different 10.2.0.0/24. What about the subnetmask?

Please suggest any link which i learn and clear my doubt.
VIP Advisor

Re: ACL issue

The subnet 10.2.0.0 /16 covers the IP range 10.2.0.0 - 10.2.255.255  , so within that range are your two /24's, each with the corresponding range:

10.2.1.0/24 = 10.2.1.0 - 10.2.1.255

10.2.2.0/24 = 10.2.2.0 - 10.2.2.255

 

 

...have a play around with http://www.subnet-calculator.com/ . If you are not familiar with IP subneting there are numerous online tutorials:

https://www.computernetworkingnotes.com/ccna-study-guide/subnetting-tutorial-subnetting-explained-with-examples.html

 

cheers,

Seb.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards