Options

Access lists - another question

PashPash Member Posts: 1,600 ■■■■■□□□□□
in CCNA & CCENT
I did a standard ACL configuration question this morning that went something like this:

Create a standard IP access list (number 99) that blocks all traffic from network 131.107.8.0 /21 but allows all other traffic. (ommitted the rest of the question because this was just applying it to a ethernet int)

So I did it this way:

access-list 99 deny 131.107.8.0 0.0.7.255
access-list 99 permit any

However the answer at the end stated that:

access-list 99 deny 131.107.8.0 0.0.0.7

I concluded after re reading my material that my answer is correct but the answer they gave might also be correct, would both work?

Cheers
DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
· Share on FacebookShare on Twitter

Comments

  • Options
    EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    An access-list has an implicit deny at the end, so you are correct and the answer given was wrong.Also the mask is wrong in the second answer but probably a mistype by you i guess.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
    · Share on FacebookShare on Twitter
  • Options
    PashPash Member Posts: 1,600 ■■■■■□□□□□
    sorry ed_the_lad I wasnt very clear in my post, but yeh the answer given did have the permit any statement in there i just didnt include it, but that was the wildcard mask they gave 0.0.0.7, where as in my answer i gave 0.0.7.255. I guess the answer to that question that has been supplied is wrong then, nvm :)
    DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.