Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Wildcard mask

Hi seniors, On production router,I want to deny three hosts

1.10.5.9.7/24

2.10.5.10.7/24

3.10.5.11.7/24

What is your suggession

a.Should use separate access-list for three

b.Should combine (& how)

Best Regards, Tahir

4 REPLIES

Re: Wildcard mask

Hi Tahir,

You can try the following access-list:

access-list 1 deny 10.5.8.7 0.0.3.0

This will only deny the mentioned 3 hosts.

Cheers:

Istvan

Re: Wildcard mask

Sorry Tahir,

I'm sleepy...

access-list 1 deny 10.5.8.7 0.0.3.0

access-list 1 permit any any

This will also deny host 10.5.8.7 /24, but from your post I assume you don't have that subnet at all.

Cheers:

Istvan

Re: Wildcard mask

Oh, this is incredible !

I really have to go to sleep now :)

access-list 1 deny 10.5.8.7 0.0.3.0

access-list 1 permit any

I typed too many "any"s.

Thanks:

Istvan

Bronze

Re: Wildcard mask

Hi Tahir,

I suggest to use 3 separate ACLs, assumed that the subnet 10.5.8.0 is used in network. Otherwise use combined ACLS as suggested by Istvan. But in this case one subnet will be wasted.

Thanks..

*aijaz*

175
Views
0
Helpful
4
Replies