the first access-list will not work.
The second one will also deny networks 192.17.72.0 and 78.0 as well as 79.0
-
You are correct about zeros must make at 1's are don't care, but you need to
understand the basic of subnetting. A 248.0 subnet mask means 8 "Class C"
subnets. You have to start at a valid network address which in this case is
192.17.72.0
Router(config)#access-list 11 deny 192.17.73.0 0.0.7.255
Router#sho access-list 11
Standard IP access list 11
deny 192.17.72.0, wildcard bits 0.0.7.255
Notice that it fixes your mistake for you.
Regards
Andrew
CCNP, CCDP, CSS1
-----Original Message-----
From: Jason Steig [mailto:[EMAIL PROTECTED]
Sent: 25 February 2003 16:26
To: [EMAIL PROTECTED]
Subject: new access list problem [7:63715]
Hello i networks 192.17.73.0 - 192.17.77.0
is there anyway to deny these networks with one entry in an access list?
such as deny 192.17.73.0 0.0.248.255?
is this going to deny these networks? it's also going to black hole several
other networks though. Or does the list have to be
deny 192.17.73.0 0.0.7.255 ?
i thought zeros must match and ones we don't care.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63722&t=63715
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
