RE: access list command

Gyalokay, Kornel A Mon, 25 Sep 2000 12:36:23 -0700
No getlemen... that access list would actually deny everything by itself.
The reason for this is the symantic mistake in the statement.  You have
specified the key word host.  This means that it's going to permit your
packet if your host ip is 0.0.0.0 (will never happen) and only if it goes to
a destination box with the ip of 0.0.0.0 (which once again will never
happen).  Since the deny any any is an implicit statement no traffic would
cross that ACL.  Your initial statement may be re-written as follows:
"access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255.
Remember wild masks when using ACLs.  Had you specified the the following:
"access-list 101 permit ip 0.0.0.0 0.0.0.0 any" then it would let everything
pass because the wild-mask encompasses the entire available IP.V4 network. 

        Hope this cleared up some of the confusion.

                -KSG (NP,DP,IE)

> -----Original Message-----
> From: Donald B Johnson Jr [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, September 25, 2000 5:31 PM
> To:   Hubert Pun; Cisco Study Group
> Subject:      Re: access list command
> 
> I think that would let all traffic through
> Duck
> ----- Original Message ----- 
> From: Hubert Pun <[EMAIL PROTECTED]>
> To: Cisco Study Group <[EMAIL PROTECTED]>
> Sent: Monday, September 25, 2000 10:16 AM
> Subject: access list command
> 
> 
> > Hi
> > 
> > what does the "access-list 100 permit ip host 0.0.0.0 host 0.0.0.0"
> > applied to an interface do?
> > 
> > Is it only permitting the default route going through ?
> > 
> > Thanks in advanced
> > 
> > Hubert
> > 
> > 
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _________________________________
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list command

Reply via email to
