Barnardos_2LS
asked on
Cisco ACL Permit Range
Hi,
I want to permit all traffic to the following IP range: 10.20.16.10 - 10.20.16.13 - what entry would i add to an acl?
I have tried permit ip 10.20.16.10 *.*.*.* any but am unsure how to calculate the *.*.*.*.
Mike
I want to permit all traffic to the following IP range: 10.20.16.10 - 10.20.16.13 - what entry would i add to an acl?
I have tried permit ip 10.20.16.10 *.*.*.* any but am unsure how to calculate the *.*.*.*.
Mike
ASKER
Is their any way around having to exclude .9 and .14 explicitly?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This will include hosts 10.20.16.9 - .14
You would have to exclude .9 and .14 explicitly:
deny ip host 10.20.16.9 any
deny ip host 10.20.16.14 any
permit ip 10.20.16.8 0.0.0.7 any
The mask is a wildcard mask instead of subnet mask.
Take the subnet mask that you would calculate to include the addresses that you want and subtract from 255.255.255.255
Example:
255.255.255.255
10.20.16.8 - 255.255.255.248
0 . 0. 0. 7 = wildcard mask ( or more accurately, and 'inverse' mask)