Thanks for your responses, everyone :)
Anyway, here's what I understand so far:
to permit range only 10.10.10.40 - 10.10.10.49
128 64 32 16 8 4 2 1
1 1 40
1 1 1 41
1 1 1 0 42
1 1 1 1 43
1 1 1 0 0 44
1 1 1 0 1 45
1 1 1 1 0 46
1 1 1 1 1 47
1 1 0 0 0 0 48
1 1 0 0 0 1 49
..
..
1 1 1 1 1 1 63
Until I draw this out, I realize if I use 10.10.10.40 0.0.0.31
(16+8+4+2+1=31, the last 5 bits unchecked), it would include addresses all
the way to 10.10.10.63
So then, I split off the first part
128 64 32 16 8 4 2 1
1 1 40
1 1 1 41
1 1 1 0 42
1 1 1 1 43
1 1 1 0 0 44
1 1 1 0 1 45
1 1 1 1 0 46
1 1 1 1 1 47
getting => 10.10.10.40 0.0.0.7 (4+2+1=7, the last 3 bits unchecked) - and
since this includes the range of 10.10.10.40 to 10.10.10.47, the next range
will start with 10.10.10.48:
128 64 32 16 8 4 2 1
1 1 0 0 0 0 48
1 1 0 0 0 1 49
getting => 10.10.10.48 0.0.0.1 (the last 1 bit unchecked) - hence getting
the range of 10.10.10.48 to 10.10.10.49
Am I on the right track? - and I'm very sorry for the long message (I just
want you guys to check whether my processes are correct or not)
And if I'm correct, is there any faster way than this?
Thanks again.
Hunt
""Tom Lisa"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Priscilla,
>
> You MUST have been in a hurry, 0 means match this bit position and 1
> means
> don't care. Definately can't argue with your second paragraph though.
>
> Prof. Tom Lisa, CCAI
> Community College of Southern Nevada
> Cisco Regional Networking Academy
>
> Priscilla Oppenheimer wrote:
>
> Have you put the addresses and masks in binary and tried to work it
> out for
> yourself? In the mask, 0 means "don't care" and 1 means "must match."
>
> This is a quick answer due to a shortage of time and because I think
> you
> will learn best if you do it yourself.
>
> Priscilla
>
> At 05:38 PM 1/5/02, Hunt Lee wrote:
> >Thanks for the response guys :) But can anyone explain to me how
> do you
> >guys derive:
> >
> >10.10.10.40 0.0.0.7 & 10.10.10.48 0.0.0.1
> >
> >And also, for the second statement, how do you know 48 has to be
> placed in
> >the fourth octet?
> >
> >I'm still very confused, but thanks for your help in advance.
> >
> >Best Regards,
> >Hunt Lee
> >
> >
> >""Gaz"" wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > You're not wrong, spotted the previous mistake, you just missed
> off an
> > > address. That's a nice way of putting it eh?
> > >
> > > Changing your second line to Permit 10.10.10.48 0.0.0.1 will do
> the trick
> > > because it allows 48 and 49 through.
> > >
> > > Regards,
> > >
> > > Gaz
> > >
> > >
> > > ""Shengtao"" wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > I think "Permit 10.10.10.40 0.0.0.7" will allow 40-47, and you
> need
> > > another
> > > > statement " Permit 10.10.10.48 0.0.0.0" to allow 48 to get
> through.
> > > >
> > > > Am I worng?
> > > >
> > > >
> > > > ""Godswill HO"" wrote in message
> > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > > Hi,
> > > > >
> > > > > Try the following:
> > > > >
> > > > > IP access-list standard allowed
> > > > > Permit 10.10.10.40 0.0.0.7
> > > > > Permit 10.10.10.49 0.0.0.0
> > > > >
> > > > > The first permit statement allow addresses n.n.n.40 to
> n.n.n.48,
> while
> > > the
> > > > > last one allow address n.n.n.49. There is no way you can deny
> whole
> > > range
> > > > > without affecting other addresses with one single statement.
> > > > >
> > > > > When appliying it to your interface say:
> > > > >
> > > > > Router(config-if)#IP access-group allowed in
> > > > >
> > > > > Regards.
> > > > > Oletu
> > > > >
> > > > > ----- Original Message -----
> > > > > From: Hunt Lee
> > > > > To:
> > > > > Sent: Friday, January 04, 2002 9:29 PM
> > > > > Subject: Access-List questions [7:31001]
> > > > >
> > > > >
> > > > > > Hello there,
> > > > > >
> > > > > > I need some help on Access-Lists:
> > > > > >
> > > > > > Say if I want to permit network access to only 10.10.10.1 -
> > > 10.10.10.254
> > > > > >
> > > > > > I know you can simply use:
> > > > > >
> > > > > > Access-list 10 permit 10.10.10.0 0.0.0.255
> > > > > >
> > > > > > However, if I want to only permit the range of 10.10.10.40
> to
> > > > 10.10.10.49
> > > > > > (inclusive), then what should I do?
> > > > > >
> > > > > > Any help is greatly appreciated.
> > > > > >
> > > > > > Best Regards,
> > > > > > Hunt Lee
> > > > > > IP Solution Analyst
> > > > > > Cable & Wireless
> > > > > _________________________________________________________
> > > > > Do You Yahoo!?
> > > > > Get your free @yahoo.com address at http://mail.yahoo.com
> ________________________
>
> Priscilla Oppenheimer
> http://www.priscilla.com
> [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31123&t=31123
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
