acl

Unanswered Question
May 1st, 2007
User Badges:

If I need to give access to a class b network in an acl/static statement would the following statement work...


access-list acl_out permit tcp host xxx.xxx.0.0 host my.outside.ip eq ssh


static (inside,outside) tcp my.outside.ip ssh my.inside.ip ssh netmask 255.255.255.255 0 0


I've used this configuration before when I had the single IP address but when it is a whole class b I wasn't sure if the xxx.xxx.0.0 would work.


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
acomiskey Tue, 05/01/2007 - 09:58
User Badges:
  • Green, 3000 points or more

access-list acl_out permit tcp x.x.0.0 255.255.0.0 host my.outside.ip eq ssh


When doing networks, do not use keyword "host", that host keyword is same as mask 255.255.255.255.

Actions

This Discussion