cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
135
Views
0
Helpful
1
Replies
Highlighted
Beginner

extended access-list

hello

ip access-list ext SOMETHINGS

permit ip 10.0.0.0 0.0.0.255   255.255.255.0  0.0.0.255

permit ip 10.0.0.0 0.0.0.255   host 255.255.255.252

 

i know the result because i tested but i can not realize that bold line why 255.255.255.0 0.0.0.255( i know it based on Subnet mask)

i get confused first is IP & second is wild sub Mask

what is mean exactly ?

it means while we want to PER/DENY from subnet mask e.g /24 we have to write:

255.255.255.0 0.0.0.255

 

 

Everyone's tags (2)
1 REPLY 1
Advocate

Re: extended access-list

Hola @cisc0.ameer ,

 

it means while we want to PER/DENY from subnet mask e.g /24 we have to write: 

255.255.255.0 0.0.0.255

A: Exactly, but, do not confuse 255.255.255.0 with a mask /24

The policy of the ACL remains the same IP/wildcard

 

In this case:

permit ip 10.0.0.0 0.0.0.255   255.255.255.0  0.0.0.255

 

This ACE indicates that the packages that start with the ip 10.0.0.X and go to any destination that starts with the ip 255.255.255.X will be allowed.

 

Regards

 

 

 

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards