Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access Control Lists

ok I know about the 5 different acls and the basics of how they work, but what gets me is how to restrice some ip addresses from getting access like

192.168.1.0 0.0.24.255 or something like that, how is this worked out

1 REPLY
New Member

Re: Access Control Lists

Hi,

this is so called wild card mask. To make it as simple as possible, it is the opposite of the network mask.

Example:

if you want to deny this subnet: 192.168.1.0 255.255.255.0

you have to use this wild card mask: 0.0.0.255

The formula to calculate the wild card is:

255.255.255.255 - subnet mask = wild card mask

255.255.255.255 - 255.255.255.0 = 0.0.0.255

In subnet mask the 1 bit must match and 0 is ignored.

In wild card mask the 0 bit must match and 1 is ignored.

143
Views
0
Helpful
1
Replies
CreatePlease login to create content