Could anyone tell me how I could create an access-list (just add one line to an existing one, really) where I would permit traffic between x.x.(200+x).x to x.x.(200+x).x ? Basically I would like to allow all our subnets that have 200 and up in the third octet to talk to each other. Is there any way to do this?
You cannot do that in a single line. If you want to allow all traffic from and to IP addresses a.b.200-255.0-255 it is not possible in one line.
Access lists use wild cards based on binary digits.
200 = 11001000
255 = 11111111
If it was from 192 to 255 it was simply all IP addresses with the highest two bits set (11xxxxxx).
You have 200. The first range you can cover from 224-255 with mask 111xxxxx, i.e.
permit a.b.224.0 0.0.31.255
Next you can cover 208-223 with
permit a.b.208.0 0.0.15.255
Next you can cover 200-207 with
permit a.b.200.0 0.0.7.255
Thus you need at least three lines.
How to set up the access list depends on whether you use standard access lists or extended access lists. For the latter, if you really want to permit only packets from and to these three ranges you need a total of 9 lines.
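The decomposition in the answer above, as an added example that is not part of the original thread: it splits a third-octet range into aligned power-of-two blocks, prints the wildcard entries, and checks which octets they match. The function names are hypothetical, the "a.b" prefix is the placeholder used in the answer, and the "permit ip" source/destination layout of the extended entries is an assumption about how the nine lines would be written.

```python
from itertools import product

def octet_blocks(lo, hi):
    """Greedily split the inclusive octet range lo..hi into aligned
    power-of-two blocks, returned as (base, wildcard) pairs."""
    if not (0 <= lo <= hi <= 255):
        raise ValueError("need 0 <= lo <= hi <= 255")
    blocks = []
    while lo <= hi:
        # Largest block size permitted by the alignment of lo ...
        size = (lo & -lo) if lo else 256
        # ... halved until the block no longer runs past hi.
        while lo + size - 1 > hi:
            size //= 2
        blocks.append((lo, size - 1))
        lo += size
    return blocks

def standard_lines(prefix, lo, hi):
    """One entry per block, matching on a single address field."""
    return [f"permit {prefix}.{base}.0 0.0.{wc}.255"
            for base, wc in octet_blocks(lo, hi)]

def extended_lines(prefix, lo, hi):
    """Every source block paired with every destination block."""
    blocks = octet_blocks(lo, hi)
    return [f"permit ip {prefix}.{s}.0 0.0.{sw}.255 {prefix}.{d}.0 0.0.{dw}.255"
            for (s, sw), (d, dw) in product(blocks, repeat=2)]

def covered_octets(blocks):
    """Octet values matched by at least one block. A wildcard bit of 1
    means 'ignore this bit'; all other bits must equal the base."""
    return {o for o in range(256)
            for base, wc in blocks
            if (o & ~wc & 0xFF) == (base & ~wc & 0xFF)}

if __name__ == "__main__":
    for line in standard_lines("a.b", 200, 255):
        print(line)
    ext = extended_lines("a.b", 200, 255)
    print(len(ext), "extended entries, for example:")
    print(ext[0])
    # Confirm nothing below 200 slips through.
    print(sorted(covered_octets(octet_blocks(200, 255)))[:3])
```

Running the coverage check before applying a generated list shows whether a mask admits third-octet values outside the intended range.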