Is this wildcard mask including this specific address?

Unanswered Question
Feb 12th, 2008
User Badges:

Imagine I want to allow traffic from networks, including onto my router. Someone suggested the access-list below but I am not sure if this looks right:

They suggest 'permit ip any permit ip any'.

Is this going to include traffic from

I am aware that matches for the third and fourth octect will be the below therefore I don't think includes ".228.101/24". Do you agree this access-list is wrong?

Third Octet Match(es)





Fourth Octet Match(es)

0- 255

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Tue, 02/12/2008 - 11:21
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


There are a few things in your post that need some clarification. You ask about, and if you really want /24 then any address in the fourth octet would be included and it would be written as And if you really want the specific host address of then it is a /32.

I am not clear how you came up with the matches in the third octet that you mention. And I do not believe that the mask of will produce the results that you want. If you really want /24 then it should be written as permit ip any and if you really want the address then it would be written as permit ip any



Rick Morris Wed, 02/13/2008 - 12:35
User Badges:
  • Silver, 250 points or more

Yes the acl is wrong for use with wildcards

What you need to allow the entire /24 is

permit ip any

If you want just the host you specified above, then:

permit ip any host

If there is something you need in a larger block then it would be something entirely different.

We would need to know the subnet you are wanting in order to provide the correct wildcard mask.


This Discussion