Cisco ACL Permit Range


I want to permit all traffic to the following IP range: - - what entry would i add to an acl?

I have tried permit ip *.*.*.* any but am unsure how to calculate the *.*.*.*.

Who is Participating?
lrmooreConnect With a Mentor Commented:
No. Masks only go so far. You have to break up into maskable "chunks"
The only mask that will include 10 - 13 is / 30 only includes .9 and .10 with .11 as broadcast / 30 only includes .13 and .14 with .15 as broadcast
The only way to get both 10 and 13 in the same mask is to go one bit back to .29 / 29 includes .9 through .14 with .15 as broadcast
With wildcard masks you can do even/odd numbers, but that still wouldn't give you the desired results to include 10, 11, 12 and 13
Your other option is to explicitly include each of the 4 IP's and all others are blocked by the implicit deny all
 permit ip host any
 permit ip host any
 permit ip host any
 permit ip host any
permit ip any

This will include hosts - .14

You would have to exclude .9 and .14 explicitly:
deny ip host any
deny ip host any
permit ip any

The mask is a wildcard mask instead of subnet mask.
Take the subnet mask that you would calculate to include the addresses that you want and subtract from
                       0 .   0.   0.   7 = wildcard mask ( or more accurately, and 'inverse' mask)

Barnardos_2LSAuthor Commented:
Is their any way around having to exclude .9 and .14 explicitly?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.