Access Control Lists

Unanswered Question
Sep 8th, 2008
User Badges:

ok I know about the 5 different acls and the basics of how they work, but what gets me is how to restrice some ip addresses from getting access like


192.168.1.0 0.0.24.255 or something like that, how is this worked out

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
matej.polak Mon, 09/08/2008 - 12:26
User Badges:

Hi,


this is so called wild card mask. To make it as simple as possible, it is the opposite of the network mask.


Example:

if you want to deny this subnet: 192.168.1.0 255.255.255.0

you have to use this wild card mask: 0.0.0.255


The formula to calculate the wild card is:

255.255.255.255 - subnet mask = wild card mask


255.255.255.255 - 255.255.255.0 = 0.0.0.255



In subnet mask the 1 bit must match and 0 is ignored.

In wild card mask the 0 bit must match and 1 is ignored.

Actions

This Discussion