Wildcard mask

Unanswered Question
Feb 8th, 2008

Hi seniors, On production router,I want to deny three hosts

1.10.5.9.7/24

2.10.5.10.7/24

3.10.5.11.7/24

What is your suggession

a.Should use separate access-list for three

b.Should combine (& how)

Best Regards, Tahir

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Istvan_Rabai Fri, 02/08/2008 - 19:08

Hi Tahir,


You can try the following access-list:


access-list 1 deny 10.5.8.7 0.0.3.0


This will only deny the mentioned 3 hosts.


Cheers:

Istvan

Istvan_Rabai Fri, 02/08/2008 - 19:32

Sorry Tahir,


I'm sleepy...


access-list 1 deny 10.5.8.7 0.0.3.0

access-list 1 permit any any


This will also deny host 10.5.8.7 /24, but from your post I assume you don't have that subnet at all.


Cheers:

Istvan

Istvan_Rabai Fri, 02/08/2008 - 19:54

Oh, this is incredible !


I really have to go to sleep now :)


access-list 1 deny 10.5.8.7 0.0.3.0

access-list 1 permit any


I typed too many "any"s.


Thanks:

Istvan


aijaz802 Sat, 02/09/2008 - 05:02

Hi Tahir,


I suggest to use 3 separate ACLs, assumed that the subnet 10.5.8.0 is used in network. Otherwise use combined ACLS as suggested by Istvan. But in this case one subnet will be wasted.


Thanks..


*aijaz*

Actions

This Discussion