Yongwee, ! ! Deny even numbers but permit everything else ! access-list 101 deny tcp 192.168.2.0 0.0.0.254 host 192.168.1.254 eq telnet access-list 101 permit any any ! implicit deny all here ! ! or perhaps more efficiently ! ! ! Permit odd numbers only ! access-list 101 permit tcp 192.168.2.1 0.0.0.254 host 192.168.1.254 eq telnet ! implicit deny all here ! These answers are based on the fact that an even number in binary will have a least significant digit of 0 in the octet while an odd number will have a 1. Thus the 0.0.0.254 mask isolates the least significant digit for a match against either a 1 or a zero.
FWIW, Bob ""Yong Wee"" wrote in message news:[EMAIL PROTECTED] > Hi, > How do you write an ext acl to block telnet access from even addresses in > subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254? > > rgds, > yongwee > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75262&t=75257 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html