[c-nsp] Access-list Question
Boštjan Fele
Bostjan.Fele at avtenta.si
Tue May 15 09:17:04 EDT 2007
With subnet mask you have set of one and set of zeros. It is a straight set of ones and then zeroes. In wildcard mask you can mix ones and zeros as you would like/fits your requirements.
Regards,
Bostjan
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Bernd Ueberbacher
Sent: Tuesday, May 15, 2007 9:52 AM
To: cisco-nsp
Subject: Re: [c-nsp] Access-list Question
*G* Funny, I had exactly the same problem yesterday! After swearing,
screaming and being sure that it is a bug in IOS, a "?" and exact
reading brought the answer :-)
BUT: Could anyone tell me (or point me to some information) why the hell
there is a wildcard mask? Is there any advantage I don't know or was it
just invented to annoy Paul and me ;-)
Thanks,
Bernd
On Mon, 2007-05-14 at 11:36 -0400, Paul Stewart wrote:
> Ok... I know I had a rough weekend but I don't get this..
>
> Creating a new access-list for an interface on a 2621 router:
>
> access-list 100 permit ip host xxx.xxx.xxx.64 yyy.yyy.yyy.64 255.255.255.192
>
> I want to permit access from one particular host to the yyy.yyy.yyy.64/26
> subnet...
>
> When I do a "show run" I see this:
>
> access-list 100 permit ip host xxx.xxx.xxx.64 0.0.0.0 255.255.255.192
>
>
> Why? ;)
>
> Thanks,
>
> Paul
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list