Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

about rule in FWSM

Hi all,

I confuse about configuring rule in FWSM,

I use Catalyst 6513 + FWSM, I configure one rule:

Source Dest Service

10.20.4.0/27 any IP

that means I have 32 address from 1 to 32 to connect to any with service IP. But when I test, I only configure from 1 to 31, IP 32 can't connnect to any. If you know why, please answer me early.

Thank you very much.

Regards,

1 REPLY
Hall of Fame Super Blue

Re: about rule in FWSM

Hi

This is because .32 is not part of your 10.20.4.0/27 subnet. Think of it like this.

/27 = 255.255.255.224

256 - 224 = 32 so your subnets go up in 32's eg.

Ist subnet = 10.20.4.0 255.255.255.224

2nd subnet = 10.20.4.32 255.255.255.224

3rd subnet = 10.20.4.64 255.255.255.224

etc...

So .32 is the network address of the next subnet.

Just for completeness you shouldn't really use .31 as an IP address of a host either as this is the broadcast address for the 10.20.4.0/27 subnet.

HTH

Jon

215
Views
0
Helpful
1
Replies
CreatePlease login to create content