09-09-2008 11:37 AM - edited 03-06-2019 01:16 AM
I have the following /16 172.31.0.0/16 that I'm trying to create an access list for. I'd like to allow 172.31.240.0/24 but deny all else, so I'm looking the best way to accomplish this with 2 acl lines.
Any help would be appreciated?
/rls
Solved! Go to Solution.
09-09-2008 12:00 PM
Robert,
Just a simple permit of the 172.31.240.0 subnet and deny the whole subnet will be sufficient.
permit ip 172.31.240.0 0.0.0.255
deny ip 172.31.0.0 0.0.255.255
HTH,
Mark
09-09-2008 12:00 PM
Robert,
Just a simple permit of the 172.31.240.0 subnet and deny the whole subnet will be sufficient.
permit ip 172.31.240.0 0.0.0.255
deny ip 172.31.0.0 0.0.255.255
HTH,
Mark
09-09-2008 12:15 PM
Thanks for the quick answer. Guess I was over-thinking the obvious!
/rls
09-09-2008 12:18 PM
Glad I was able to help!
Good Luck,
Mark
09-09-2008 12:05 PM
Hi,
The access list if you want to allow ip traffic sourced from 172.31.240.0/24 only as following :
access-list 100 permit ip 172.31.240.0 0.0.0.255 any
access-list 100 deny ip any any
Basically you need only one permit statement because there is implicit deny at the end of access-list.
HTH
Saju
Pls rate if it helps
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: