10-13-2006 01:04 PM - edited 03-03-2019 02:20 PM
Hi,
If I deny a network, for example,
access-list deny 10.10.0.0 0.0.255.255
Does that mean that I also deny any subnet of 10.10.0.0/16? For exmaple, 10.10.10.0/24? So I don't need to create several ACL statements.
access-list deny 10.10.0.0 0.0.255.255
access-list deny 10.10.10.0 0.0.0.255 (redundant)
Thank you!
Solved! Go to Solution.
10-13-2006 01:09 PM
Kevin
Yes the statement access-list 1 deny 10.10.10.0 0.0.0.255 is redundant and not needed if the access list has the statement access-list 1 deny 10.10.0.0 0.0.255.255
HTH
Rick
10-13-2006 01:12 PM
There is no need to create the other list..
see for yoursefl..the access-list says ..deny any ip in the range of 10.10.x.x --- x.x can be anything ..may it be in a different subnet mask .
hope this helped. Plz rate
10-13-2006 01:09 PM
Kevin
Yes the statement access-list 1 deny 10.10.10.0 0.0.0.255 is redundant and not needed if the access list has the statement access-list 1 deny 10.10.0.0 0.0.255.255
HTH
Rick
10-13-2006 01:12 PM
There is no need to create the other list..
see for yoursefl..the access-list says ..deny any ip in the range of 10.10.x.x --- x.x can be anything ..may it be in a different subnet mask .
hope this helped. Plz rate
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: