10-13-2006 01:04 PM - edited 03-03-2019 02:20 PM
Hi,
If I deny a network, for example,
access-list deny 10.10.0.0 0.0.255.255
Does that mean that I also deny any subnet of 10.10.0.0/16? For exmaple, 10.10.10.0/24? So I don't need to create several ACL statements.
access-list deny 10.10.0.0 0.0.255.255
access-list deny 10.10.10.0 0.0.0.255 (redundant)
Thank you!
Solved! Go to Solution.
10-13-2006 01:09 PM
Kevin
Yes the statement access-list 1 deny 10.10.10.0 0.0.0.255 is redundant and not needed if the access list has the statement access-list 1 deny 10.10.0.0 0.0.255.255
HTH
Rick
10-13-2006 01:12 PM
There is no need to create the other list..
see for yoursefl..the access-list says ..deny any ip in the range of 10.10.x.x --- x.x can be anything ..may it be in a different subnet mask .
hope this helped. Plz rate
10-13-2006 01:09 PM
Kevin
Yes the statement access-list 1 deny 10.10.10.0 0.0.0.255 is redundant and not needed if the access list has the statement access-list 1 deny 10.10.0.0 0.0.255.255
HTH
Rick
10-13-2006 01:12 PM
There is no need to create the other list..
see for yoursefl..the access-list says ..deny any ip in the range of 10.10.x.x --- x.x can be anything ..may it be in a different subnet mask .
hope this helped. Plz rate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide