11-22-2013 03:11 PM - edited 03-11-2019 08:08 PM
Hello,
I have a server with IP address 172.22.94.224/22 and an ACL statement in one of the ASAs as follows "access-list 145 permit ip 172.22.94.224 0.0.0.31 any"
I got confused by the inverse mask address(0.0.0.31) and I would like some clarification.
Much appreciated.
Best, ~sK
Solved! Go to Solution.
11-22-2013 05:06 PM
0.0.0.31 is a mask that has 27 bits set to 0 (match) and five bits set to one (don't match). With that mask in the ACL you allow 32 addresses, in your case from 172.22.94.224 to 172.22.94.255.
Wildcardmasks are very good explained in the Wikipedia-article: http://en.wikipedia.org/wiki/Wildcard_mask
Sent from Cisco Technical Support iPad App
11-22-2013 04:38 PM
if that is really an ACL from an ASA, then it's probably wrong as the ASA doesn't use the inversed wildcardmask. The router-wildcard-mask of 0.0.0.31 would be 255.255.255.224 on the ASA.
Sent from Cisco Technical Support iPad App
11-22-2013 04:49 PM
Sorry, the inv mask is on the 4507 not the ASA. My question is what does this statement "
access-list 145 permit ip 172.22.94.224 0.0.0.31" mean?
Best, ~sK
11-22-2013 05:06 PM
0.0.0.31 is a mask that has 27 bits set to 0 (match) and five bits set to one (don't match). With that mask in the ACL you allow 32 addresses, in your case from 172.22.94.224 to 172.22.94.255.
Wildcardmasks are very good explained in the Wikipedia-article: http://en.wikipedia.org/wiki/Wildcard_mask
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: