Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
330
Views
0
Helpful
3
Replies

Standard ACL in One line

Rupesh Kashyap
Level 1
Level 1

‎06-11-2009 08:16 PM - edited ‎03-04-2019 05:05 AM

I have to deny 51.3.0.1,51.5.0.1,51.7.0.1,51.3.0.9,51.5.0.9 & 51.7.0.9. The problem is I have use only ONE line in Standard ACL. What should be ACL for that.

Labels:
0 Helpful
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎06-11-2009 09:06 PM

I don't think you can put all those IP Addresses in one line of a STANDARD ACL.

0 Helpful

Istvan_Rabai
Level 7
Level 7

‎06-13-2009 12:27 PM

Hi Rupesh,

This is the toughest possible ACL that includes all of these routes.

access-list 1 deny 51.1.0.1 0.6.0.8

access-list 1 permit any

Of course, the "permit any" statement is needed, otherwise the "deny" statement is useless.

Please note that this ACL includes some other prefixes not listed by you, but I tried to narrow its scope as far as I could.

Cheers:

Istvan

0 Helpful

Peter010101
Level 1
Level 1

‎06-14-2009 07:35 AM

51.3.0.1

51.5.0.1

51.7.0.1

51.3.0.9

51.5.0.9

51.7.0.9

This denies from 51.0.0.1 - 51.7.255.254

access-list 1 per 51.3.0.0 0.7.255.255

route-map DENY51 deny 10

match ip address 1

route-map DENY51 per 20

router ospf 1

distribute-list route-map DENY51 in

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card