ip range acl

faizkarimullah baig · ‎06-17-2013

hi

in lan we use subnet 10.10.16.0/22 ,from 10.10.16.1 to 10.10.18.200 is using and remaining we want to block in router using acl

how can i configure router plz suggest me

Zeeshan Siddiqui · ‎06-17-2013

Hi Faiz,

Please provide more info the question is bit confusing

please provide a network diagram is possible

Thanks,

Zeeshna

faizkarimullah baig · ‎06-17-2013

Hi zeeshna ,

a). in lan we use a subnet 10.10.16.0/22 means ip range from 10.10.16.1 to 10.10.19.254 .

b) we assgined ips to nodes from 10.10.16.1 to 10.10.18.200.

c)remaining ips means 10.10.18.201 to 10.10.19.254 is assgined to any nodes by manually ,that nodes traffic should be rejected by router

means as far as i know i configure acl using host or network, can i configure acl ips range like to allow 10.10.16.1 to 18.200 by router and remaing ips block.

Thanks,

Faiz

Bilal Nawaz · ‎06-17-2013

No you cannot specify address ranges like this.

You specify address blocks using wildcard masks in ACLs along with hosts.

You can split it like

10.10.16.0/23 10.10.16.0 - 10.10.17.255
10.10.18.0/25 10.10.18.0 - 10.10.18.127
10.10.18.128/26 10.10.18.128 - 10.10.18.191
10.10.18.192/29 - 10.10.18.192 - 10.10.18.199
10.10.18.200/32

This should be sufficient for you to use.
Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.