Access Control Lists

Unanswered Question
Sep 8th, 2008

ok I know about the 5 different acls and the basics of how they work, but what gets me is how to restrice some ip addresses from getting access like

192.168.1.0 0.0.24.255 or something like that, how is this worked out

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
matej.polak Mon, 09/08/2008 - 12:26

Hi,

this is so called wild card mask. To make it as simple as possible, it is the opposite of the network mask.

Example:

if you want to deny this subnet: 192.168.1.0 255.255.255.0

you have to use this wild card mask: 0.0.0.255

The formula to calculate the wild card is:

255.255.255.255 - subnet mask = wild card mask

255.255.255.255 - 255.255.255.0 = 0.0.0.255

In subnet mask the 1 bit must match and 0 is ignored.

In wild card mask the 0 bit must match and 1 is ignored.

Actions

This Discussion