Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1455
Views
5
Helpful
1
Replies

unknown access list command

abdelrahman2002
Level 1
Level 1

‎08-15-2015 01:56 PM - edited ‎03-08-2019 01:22 AM

Hi, 

what is the result of this access list when applying to interface 

access-list 115 permit ip 0.0.0.0 255.255.255.0 any 

they write the subnet mask instead of wild mask or what

I tried on router and it accepted but I could not imagine what range it will permit?

thanks 

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎08-15-2015 02:14 PM

look at it with the same ACL-logic as always:

0: match the bit in the address-part

1: don't match the bit in the address-part

This ACE doesn't care what is in the first, second and third octet, but matches on the "0" in the forth octet. As this is rarely useful, I would assume that it just was a misconfiguration, that resulted from the try to allow a particular /24 network where accidentally a subnet-mask was configured instead of a wildcard-mask:

e881(config)#access-list 100 permit ip 172.16.10.0 255.255.255.0 any
e881(config)#do sh access-list 100
Extended IP access list 100
    10 permit ip 0.0.0.0 255.255.255.0 any
e881(config)#
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card