Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3933
Views
21
Helpful
6
Replies

Access list without wildcard mask

Go to solution
mh.gorjizadeh
Level 1
Level 1

‎05-18-2015 01:03 AM - edited ‎03-08-2019 12:02 AM

Hello dear friends .

It's my first question on Cisco forum. 

I would like to know when we write some standard access list without wild card mask which range of ip addresses will be proceed?

for example take a look at this one:

access-list 3 deny 10.17.32.0

so which range of ip addresses will be proceed ?

or this one 

access-list 2 permit host 172.16.14.0

Thanks for your response 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
vivek srivastava
Level 7
Level 7

‎05-18-2015 01:25 AM

In standard ACL,  mask is optional meaning if no wildcard-mask is configured it will take as 0.0.0.0 i.e. eual to host.

from cisco:

To specify a large number of individual addresses more easily, you can omit the wildcard if it is all zeros. Thus, the following two configuration commands are identical in effect:

access-list 2 permit 36.48.0.3

 

access-list 2 permit 36.48.0.3  0.0.0.0

 

View solution in original post

6 Replies 6

Go to solution
vivek srivastava
Level 7
Level 7

‎05-18-2015 01:25 AM

In standard ACL,  mask is optional meaning if no wildcard-mask is configured it will take as 0.0.0.0 i.e. eual to host.

from cisco:

To specify a large number of individual addresses more easily, you can omit the wildcard if it is all zeros. Thus, the following two configuration commands are identical in effect:

access-list 2 permit 36.48.0.3

 

access-list 2 permit 36.48.0.3  0.0.0.0

 

Go to solution
mh.gorjizadeh
Level 1
Level 1
In response to vivek srivastava

‎05-18-2015 01:36 AM

I got it 

but if we are talking about for example :

access-list 3 deny 10.17.32.0 

does our router consider this ip address which is ip address of a network as a single ip address ?

in other meaning  is it equal to :

access-list 3 deny 10.17.32.0  0.0.0.0 

Thank you 

0 Helpful

Go to solution
vivek srivastava
Level 7
Level 7
In response to mh.gorjizadeh

‎05-18-2015 01:38 AM

Yes correct. Both statement do the same work.

0 Helpful

Go to solution
mh.gorjizadeh
Level 1
Level 1
In response to vivek srivastava

‎05-18-2015 01:43 AM

Oh OK i got it.

I just forgot that specially in point to point links we can also set ip addresses with 0 in forth octet.

I appreciate your for your help and respond.

Thank you a lot 

- See more at: https://supportforums.cisco.com/discussion/12509746/access-list-without-wildcard-mask#comment-10595111

0 Helpful

Go to solution
amchang
Cisco Employee
Cisco Employee
In response to mh.gorjizadeh

‎05-29-2015 06:05 PM

A post in this discussion has been removed due to possible misconduct. Please refer to the CSC terms of use for more details. 

0 Helpful

Go to solution
rosaho
Level 3
Level 3
In response to mh.gorjizadeh

‎06-23-2015 10:32 PM

Posts in this discussion have been modified due to possible misconduct. Please refer to the CSC terms of use for more details. https://supportforums.cisco.com/document/29951/cisco-support-community-acceptable-use-agreement

 
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card