06-11-2009 08:16 PM - edited 03-04-2019 05:05 AM
I have to deny 51.3.0.1,51.5.0.1,51.7.0.1,51.3.0.9,51.5.0.9 & 51.7.0.9. The problem is I have use only ONE line in Standard ACL. What should be ACL for that.
06-11-2009 09:06 PM
I don't think you can put all those IP Addresses in one line of a STANDARD ACL.
06-13-2009 12:27 PM
Hi Rupesh,
This is the toughest possible ACL that includes all of these routes.
access-list 1 deny 51.1.0.1 0.6.0.8
access-list 1 permit any
Of course, the "permit any" statement is needed, otherwise the "deny" statement is useless.
Please note that this ACL includes some other prefixes not listed by you, but I tried to narrow its scope as far as I could.
Cheers:
Istvan
06-14-2009 07:35 AM
51.3.0.1
51.5.0.1
51.7.0.1
51.3.0.9
51.5.0.9
51.7.0.9
This denies from 51.0.0.1 - 51.7.255.254
access-list 1 per 51.3.0.0 0.7.255.255
route-map DENY51 deny 10
match ip address 1
route-map DENY51 per 20
router ospf 1
distribute-list route-map DENY51 in
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: