cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
317
Views
0
Helpful
3
Replies

Standard ACL in One line

Rupesh Kashyap
Level 1
Level 1

I have to deny 51.3.0.1,51.5.0.1,51.7.0.1,51.3.0.9,51.5.0.9 & 51.7.0.9. The problem is I have use only ONE line in Standard ACL. What should be ACL for that.

3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

I don't think you can put all those IP Addresses in one line of a STANDARD ACL.

Istvan_Rabai
Level 7
Level 7

Hi Rupesh,

This is the toughest possible ACL that includes all of these routes.

access-list 1 deny 51.1.0.1 0.6.0.8

access-list 1 permit any

Of course, the "permit any" statement is needed, otherwise the "deny" statement is useless.

Please note that this ACL includes some other prefixes not listed by you, but I tried to narrow its scope as far as I could.

Cheers:

Istvan

Peter010101
Level 1
Level 1

51.3.0.1

51.5.0.1

51.7.0.1

51.3.0.9

51.5.0.9

51.7.0.9

This denies from 51.0.0.1 - 51.7.255.254

access-list 1 per 51.3.0.0 0.7.255.255

route-map DENY51 deny 10

match ip address 1

route-map DENY51 per 20

router ospf 1

distribute-list route-map DENY51 in

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco