[c-nsp] Access-list Question

Peter Nyamukusa petern at africaonline.co.sz
Mon May 14 11:53:30 EDT 2007



> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Paul Stewart
> Sent: Monday, May 14, 2007 5:37 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Access-list Question
> 
> Ok... I know I had a rough weekend but I don't get this..
> 
> Creating a new access-list for an interface on a 2621 router:
> 
> access-list 100 permit ip host xxx.xxx.xxx.64 yyy.yyy.yyy.64
> 255.255.255.192
> 
> I want to permit access from one particular host to the yyy.yyy.yyy.64/26
> subnet...
> 
> When I do a "show run" I see this:
> 
> access-list 100 permit ip host xxx.xxx.xxx.64 0.0.0.0 255.255.255.192
> 

You need to use the wild card mask instead
access-list 100 permit ip host xxx.xxx.xxx.64 yyy.yyy.yyy.64 0.0.0.63

Regards,
Peter

> 
> Why? ;)
> 
> Thanks,
> 
> Paul
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list