09-09-2008 11:37 AM - edited 03-06-2019 01:16 AM
I have the following /16 172.31.0.0/16 that I'm trying to create an access list for. I'd like to allow 172.31.240.0/24 but deny all else, so I'm looking the best way to accomplish this with 2 acl lines.
Any help would be appreciated?
/rls
Solved! Go to Solution.
09-09-2008 12:00 PM
Robert,
Just a simple permit of the 172.31.240.0 subnet and deny the whole subnet will be sufficient.
permit ip 172.31.240.0 0.0.0.255
deny ip 172.31.0.0 0.0.255.255
HTH,
Mark
09-09-2008 12:00 PM
Robert,
Just a simple permit of the 172.31.240.0 subnet and deny the whole subnet will be sufficient.
permit ip 172.31.240.0 0.0.0.255
deny ip 172.31.0.0 0.0.255.255
HTH,
Mark
09-09-2008 12:15 PM
Thanks for the quick answer. Guess I was over-thinking the obvious!
/rls
09-09-2008 12:18 PM
Glad I was able to help!
Good Luck,
Mark
09-09-2008 12:05 PM
Hi,
The access list if you want to allow ip traffic sourced from 172.31.240.0/24 only as following :
access-list 100 permit ip 172.31.240.0 0.0.0.255 any
access-list 100 deny ip any any
Basically you need only one permit statement because there is implicit deny at the end of access-list.
HTH
Saju
Pls rate if it helps
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide