From: Jeffrey Fry (Jeff@FryGuy.Net)
Date: Tue May 23 2006 - 17:24:00 ART
Using the deny any any at the end of an ACL with the added command LOG
is good for the lab. This will allow you to see what is being denied
and is one way to easily confirm or deny that the ACL is working.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Quetta Walla
Sent: Sunday, May 21, 2006 11:59 PM
To: gigi.ccie@gmail.com; ccielab@groupstudy.com
Subject: Re: How can I permit or deny even and odd subnets?
why are u using extended acl
to permit any networks with second octet as even: access 11 permit
0.0.0.0 255.254.255.255
for odd: access 11 permit 0.1.0.0 255.254.255.255 you do not need the
deny statement at the end. That is the action by default.
> ----- Original Message -----
> From: gigi.ccie@gmail.com
> To: ccielab@groupstudy.com
> Subject: How can I permit or deny even and odd subnets?
> Date: Sun, 21 May 2006 11:56:22 -0400
>
>
> Friends,
>
> How can I permit or deny even or odd subnets? I mean how to know when
> to use one over the other?
>
> If I have a requirement to allow even subnets from 172.16.0.0? Can I
> just permit the evens? Would I be wrong if I denied the odd subnets?
>
> I think I would need something like this
>
> access-list 101 permit ip 172.16.0.0 0.0.254.255 access-list 101 deny
> any any
>
> or
>
> access-list 101 deny ip 172.16.0.0 0.0.1.255 access-list 101 permit
> any any
>
> or
>
> access-list 101 permit ip 172.16.0.0 0.0.254.0 access-list deny any
> any
>
> access-list 101 deny ip 172.16.0.0 0.0.1.0 access-list permit any any
>
> Does this look right?
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
--
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART