ACL question

Answered Question
Apr 12th, 2010
User Badges:

Hi all,


I have one Extended Access list question to ask


if we have 2 pc with ip 5.1.1.8/24  and 5.1.1.10 /24  and we apply this acl on ethernet interface of router

with ip access-group 101 in



here  is acl


access-list 101 deny tcp 5.1.1.8 0.0.0.3 any eq 80

access-list permit ip any any


here we are blocking the internet access for users


my question is are we blocking the single user or all users in the 5.1.1.0 network?


i know when we want to deny single user we can use host or 0.0.0.0  as wilcard masks.

thanks

mahesh

Correct Answer by Jon Marshall about 6 years 11 months ago

mahesh18 wrote:


Hi all,


I have one Extended Access list question to ask


if we have 2 pc with ip 5.1.1.8/24  and 5.1.1.10 /24  and we apply this acl on ethernet interface of router

with ip access-group 101 in



here  is acl


access-list 101 deny tcp 5.1.1.8 0.0.0.3 any eq 80

access-list permit ip any any


here we are blocking the internet access for users


my question is are we blocking the single user or all users in the 5.1.1.0 network?


i know when we want to deny single user we can use host or 0.0.0.0  as wilcard masks.

thanks

mahesh


Mahesh


5.1.1.8 0.0.0.3 = hosts 5.1.1.9, 5.1.1.10 & 5.5.1.11


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Mon, 04/12/2010 - 05:51
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

mahesh18 wrote:


Hi all,


I have one Extended Access list question to ask


if we have 2 pc with ip 5.1.1.8/24  and 5.1.1.10 /24  and we apply this acl on ethernet interface of router

with ip access-group 101 in



here  is acl


access-list 101 deny tcp 5.1.1.8 0.0.0.3 any eq 80

access-list permit ip any any


here we are blocking the internet access for users


my question is are we blocking the single user or all users in the 5.1.1.0 network?


i know when we want to deny single user we can use host or 0.0.0.0  as wilcard masks.

thanks

mahesh


Mahesh


5.1.1.8 0.0.0.3 = hosts 5.1.1.9, 5.1.1.10 & 5.5.1.11


Jon

Actions

This Discussion