Cisco Access List Help Needed

Hi-

I am trying to set an extend access-list only for systems 10.0.10.100 and above. My access list command is as follows.

access-list 101 permit tcp 10.0.10.100 0.0.0.255 10.0.80.0 0.0.0.255 eq www

When I, wr mem and then show config it always comes back as:

access-list 101 permit tcp 10.0.10.0 0.0.0.255 10.0.80.0 0.0.0.255 eq www

How do I change it to this just 100 and above?

Thanks in advance.
doctor069Asked:
Who is Participating?
 
davorinConnect With a Mentor Commented:
I'm afraid that you will need multiple lines.
Something like:
access-list 101 permit tcp 10.0.10.100 0.0.0.27 10.0.80.0 0.0.0.255 eq www
access-list 101 permit tcp 10.0.10.128 0.0.0.127 10.0.80.0 0.0.0.255 eq www

Please check this links as I'm not sure if I have specified correct ranges:
http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html
http://www.tek-tips.com/viewthread.cfm?qid=1464488

Hope it is of any help.
0
 
doctor069Author Commented:
Perfect! Thanks for your help
0
 
RafaelCommented:
If you're stuck on a specific range you could always add them manually as below, but it can be long. You may be better off using a /26 or /27 range.

permit tcp 10.0.100.100 0.0.0.255 any range 80 eq www
permit tcp 10.0.100.101 0.0.0.255 any range 80 eq www
permit tcp 10.0.100.102 0.0.0.255 any range 80 eq www
permit tcp 10.0.100.103 0.0.0.255 any range 80 eq www
permit tcp 10.0.100.104 0.0.0.255 any range 80 eq www
permit tcp 10.0.100.105 0.0.0.255 any range 80 eq www
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.