>access-list 199 permit ip 90.0.0.1 range 90.0.0.5 255.255.255.30 any log
>access-list 199 deny ip any any
>
> Any help will be deeply appreciated !!!
Drop the range, it's for specifying a range of tcp port numbers, the wildcard
mask (I remember it as the inverse of the subnet mask) takes care of the range
of IP addresses.
Try this instead:-
access-list 199 deny ip host 90.0.0.1 host 90.0.0.4 any log
access-list 199 deny ip host 90.0.0.1 host 90.0.0.31 any log
access-list 199 permit ip host 90.0.0.1 90.0.0.16 0.0.0.15 any log
access-list 199 permit ip host 90.0.0.1 90.0.0.8 0.0.0.7 any log
access-list 199 permit ip host 90.0.0.1 90.0.0.4 0.0.0.3 any log
access-list 199 deny ip any any
Is this being done on the same interface? As if it's local to the subnet, the
router will not be involved, being a layer 3 device.
Regards,
Michael Hollis
_____________________________________________________________________________________________________________________________________
L integrite de ce message n etant pas assuree sur Internet, la BNP ne peut etre tenue
responsable de son contenu.
Si vous n'etes pas destinataire de ce message, merci de le detruire et d'avertir l
expediteur.
---------------------------------------------------------------------------------
The integrity of this message cannot be guaranteed on the Internet. BNP can not
therefore be considered responsible for the contents.
If you are not the intended recipient of this message, then please delete it and
notify the sender.
_____________________________________________________________________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
