Jans van Deventer wrote: >>I have a 1600 router running a 12021 IP PLUS --- I have tried to >>add access-lists to block all sites incoming except 192.100.34.100-> 150. > > >>Can someone help with the correct lists. > > > - jvd wrote: > >>This is interesting. Obviously one solution is to deny the 50 >>hosts with 50 deny statements.
Since he wants to block all *except* the range of 50, wouldn't this be a better option? access-list 110 permit ip 192.100.34.100 0.0.0.3 ! 100-103 access-list 110 permit ip 192.100.34.104 0.0.0.7 ! 104-111 access-list 110 permit ip 192.100.34.112 0.0.0.15 ! 112-127 access-list 110 permit ip 192.100.34.128 0.0.0.15 ! 128-143 access-list 110 permit ip 192.100.34.144 0.0.0.3 ! 144-147 access-list 110 permit ip 192.100.34.148 0.0.0.1 ! 148-149 access-list 110 permit ip 192.100.34.150 0.0.0.0 ! 150 access-list 110 deny ip any any -jm Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71767&t=71696 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
