acl

Unanswered Question
May 1st, 2007

If I need to give access to a class b network in an acl/static statement would the following statement work...

access-list acl_out permit tcp host xxx.xxx.0.0 host my.outside.ip eq ssh

static (inside,outside) tcp my.outside.ip ssh my.inside.ip ssh netmask 255.255.255.255 0 0

I've used this configuration before when I had the single IP address but when it is a whole class b I wasn't sure if the xxx.xxx.0.0 would work.

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
acomiskey Tue, 05/01/2007 - 09:58

access-list acl_out permit tcp x.x.0.0 255.255.0.0 host my.outside.ip eq ssh

When doing networks, do not use keyword "host", that host keyword is same as mask 255.255.255.255.

Actions

This Discussion