Solved: Help with access list

chrisblaze · ‎06-27-2008

Is there an easier way to understand the wildcard mask when configuring ACLs? I hardly understand how to get the correct wcm.

Jon Marshall · ‎06-27-2008

Chris

Easiest way for me is to flip the bits from the normal subnet mask (sb) eg.

sb -> 255.255.255.0 = wcm -> 0.0.0.255

sb -> 255.255.0.0 = wcm -> 0.0.255.255

They are the easy ones, where there is a 255 in the sb make it a 0 for the wcm and where there is a 0 in the sb make it a 255 in the wcm.

To come up a wildcard mask for others eg.

sb -> 255.255.255.128 = wcm = 0.0.0.127

sb -> 255.255.255.192 = wcm = 0.0.0.63

sb -> 255.255.255.248 = wcm 0.0.0.7

quick way to work out - take the octet that isn't 255 and subtract it from 256 then subtract 1 ie.

sb -> 255.255.255.192 =

256 - 192 = 64 - 1 = 63 so

wcm = 0.0.0.63

sb -> 255.255.224.0 =

256 - 224 = 32 - 1 = 31 so

wcm = 0.0.31.255

Hope that makes sense

Jon

Jon Marshall · ‎06-27-2008