Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

subnetting question

I've got a subnet: 172.16.32.0 /20

I want to allow only hosts from that network (172.16.32.0-172.16.47.0) to access my switch.

So I have an ACL:

access-list 101 permit ip 172.16.32.0 0.0.16.255 host 172.16.33.101 (ip of switch).

For some reason, the ACL doesn't work. If I use the 0.0.0.255 mask however, it works fine.

So apparently I may have got the mask in the ACL wrong.

Could someone please tell me what mask I should've used??

Thanks.

2 REPLIES
Cisco Employee

Re: subnetting question

Wildmask bits have to be contiguous.Try the following ACL statement instead:

access-list 101 permit ip 172.16.32.0 0.0.15.255 host 172.16.33.101

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
New Member

Re: subnetting question

Thank you.

Not sure how I totally forgot about that...maybe I should retake subnetting 101.

87
Views
4
Helpful
2
Replies
CreatePlease login to create content