Re: ACCESS-LIST

From: VirtRack.com Mailing Lists (ciscolists@gmail.com)
Date: Mon Dec 04 2006 - 11:36:47 ART

• Next message: Maurizio Dell'Amore: "remove from list"
• Previous message: haducbinh: "RE: ACCESS-LIST"
• Maybe in reply to: deji500@hotmail.com: "ACCESS-LIST"
• Next in thread: Nick Griffin: "Re: ACCESS-LIST"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 Yes it will work, but it will deny 2 more addresses than just what was
listed, as I detailed before. If the requirements are for ONLY the listed
networks and nothing more, you will need to use more than one line to match
them:

access-list 1 deny 51.3.0.1 0.4.0.8 (will catch the 51.3 and 51.7 networks)
access-list 1 deny 51.5.0.1 0.0.0.8 (will catch both of the 51.5 networks)
access-list 1 permit any (will allow rest of traffic to pass)

 On 12/4/06, Matemane, Walter <walter.matemane@liberty.co.za> wrote:
>
> AND = 51.1.0.1
> XOR = 0.6.0.8
> I think access-list 1 deny 51.1.0.1 0.6.0.8 will work.
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On Behalf Of
> Scott Morris
> Sent: 04 December 2006 03:35 PM
> To: 'haducbinh'; deji500@hotmail.com; ccielab@groupstudy.com
> Subject: RE: ACCESS-LIST
>
> That would deny .0 and .1 in the first octet and would be rewritten as
> 51.0.0.1 0.1.0.8....
>
> HTH,
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
> JNCIE
> #153, CISSP, et al.
> CCSI/JNCI-M/JNCI-J
> IPExpert VP - Curriculum Development
> IPExpert Sr. Technical Instructor
> smorris@ipexpert.com
> http://www.ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> haducbinh
> Sent: Monday, December 04, 2006 6:16 AM
> To: deji500@hotmail.com; ccielab@groupstudy.com
> Subject: RE: ACCESS-LIST
>
> You should use this ACL:
> access-list 1 deny 51.1.0.1 0.1.0.8
>
> HaDucBinh
> Mail: haducbinh@vnpro.org
> Phone: +84 908 191 322
> ------------------------------------------------------------------------
> ---
> Vietnamese Professionals (VnPro)
> Cisco Authorised Training
> 149/1D Ung Van Khiem Street, Ward 25, Binh Thanh District, Ho Chi Minh
> City
> Tel: (08) 5124257 - (08) 5125314
> Fax: (08) 5124314
> Website: http://vnpro.vn
> Support Forum: http://vnpro.org
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> deji500@hotmail.com
> Sent: Sunday, December 03, 2006 6:09 PM
> To: ccielab@groupstudy.com
> Subject: ACCESS-LIST
>
> Hello group
>
> To match and deny the following IP address:
> 51.3.0.1
> 51.5.0.1
> 51.7.0.1
> 51.3.0.9
> 51.5.0.9
> 51.7.0.9
>
> will this accesslist work?
> access-list 1 deny 51.1.0.1 0.6.0.8
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
> This message (and any associated files) is intended only for the
> use of the individual or entity to which it is addressed and may
> contain information that is confidential, subject to copyright or
> constitutes a trade secret. If you are not the intended recipient
> you are hereby notified that any dissemination, copying or
> distribution of this message, or files associated with this message,
> is strictly prohibited. If you have received this message in error,
> please notify us immediately by replying to the message and deleting
> it from your computer. Messages sent to and from us may be monitored.
>
> Internet communications cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses. Therefore, we do not accept
> responsibility for any errors or omissions that are present in this
> message, or any attachment, that have arisen as a result of e-mail
> transmission. If verification is required, please request a hard-copy
> version. Any views or opinions presented are solely those of the author
> and do not necessarily represent those of the company.
>
>
> ************************************************************************************
> The e-mail and attachments are confidential and intended only for selected
> recipients. If you have received it in error, you may not in any way
> disclose or rely on the contents. You may not keep, copy or distribute the
> e-mail. Should you receive it, immediately notify the sender of the error
> and delete the e-mail.Also note that this form of communication is not
> secure, it can be intercepted, and may not necessarily be free of errors and
> viruses in spite of reasonable efforts to secure this medium.
>
> ************************************************************************************
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Online rack rental and CCIE Forums at http://www.virtrack.com
-- 
Online rack rental and CCIE Forums at http://www.virtrack.com

• Next message: Maurizio Dell'Amore: "remove from list"
• Previous message: haducbinh: "RE: ACCESS-LIST"
• Maybe in reply to: deji500@hotmail.com: "ACCESS-LIST"
• Next in thread: Nick Griffin: "Re: ACCESS-LIST"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:36 ART