Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2513
Views
0
Helpful
18
Replies

ACL stop blocking packets

netadmincsm
Level 1
Level 1

‎07-26-2011 02:01 PM - edited ‎03-07-2019 01:25 AM

Hi All

I have a master ACL called by around 6 or 7 Vlan Interface. 

About 15 or 20 minutes after applying the ACL, the traffic (that was blocked at the beginning) start to be permitted.

As soon as I start to modify the ACL the packets are block again.  Then, without changing anything the packet start to be permitted 15 or 20 minutes later.

Anyone have an idea ?

Thank you very much

Labels:
0 Helpful
18 Replies 18

grinch182
Level 1
Level 1
In response to Jon Marshall

‎08-03-2011 08:16 AM

Yeah, I can open it by notepad, but it has no txt extension =)

Anyway thank once again, I'll read about wildcard in ACLs

0 Helpful

grinch182
Level 1
Level 1
In response to Jon Marshall

‎08-03-2011 09:57 AM

So, I'm not sure if it's clear for me now. Am I able configure each octet in wildcard when I use it in ACL?

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to grinch182

‎08-03-2011 10:59 AM

Bascially yes. This is how they differ from subnet masks ie. you cannot have -

255.252.255.0 as a subnet mask because it must be contiguous. But there is no such requirement in acl wildcards masks so in effect you can configure each octet individually.

Most wildcards you see in acls are simply reverse subnet masks eg.

255.255.255.0 = 0.0.0.255

255.255.128.0  = 0.0.127.255

etc.. but they don't have to be just reverse subnet masks, they can be a lot more flexible than that.

Jon

0 Helpful

grinch182
Level 1
Level 1
In response to Jon Marshall

‎08-03-2011 11:12 AM

Thanks a lot, Jon. Now it's clear.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card