Options

Wildcard ACL masks

dagr8timdagr8tim Member Posts: 36 ■■□□□□□□□□
in CCNA & CCENT
I need to configure an acl denying access to subnet 172.16.1.0/18 and I need to know the corresponding wildcard mask?

I've read the tech help at http://www.techexams.net/technotes/ccna/accesslists.shtml regarding this. But I'm not following it totally.
There are two major products that came out of Berkeley: LSD and Unix. We don't believe this to be a coincidence.
· Share on FacebookShare on Twitter

Comments

  • Options
    SartanSartan Inactive Imported Users Posts: 152
    0.0.63.255

    I'm a horrible teacher if I wanted to teach wildcard masks icon_sad.gif But here ya go.

    Some of the newer IOS's support just the regular ol'e subnet mask like we're used to, rather than their weirdo bits.
    Network Tech student, actively learning Windows 2000, Linux, Cisco, Cabling & Internet Security.
    · Share on FacebookShare on Twitter
  • Options
    WebmasterWebmaster Admin Posts: 10,292 Admin
    Quick and dirty 1: /18 is 11111111.11111111.11000000.000000 = 255.255.(128+64).0 = 255.255.192.0 thus to block the network 172.16.1.0 with subnetmask 255.255.192.0 you need to use the remaining bits in the inverse mask:

    255.255.255.255
    255.255.192.0
    -
    0.0.63.255


    Quick and dirty 2:
    32-18 = 14 reading from right to left:

    00000000.00000000.00111111.11111111 =
    0.0.(32+16+8+4+2+1).(128+64+32+16+8+4+2+1) =
    0.0.63.255

    If you don't understand subnetting and/or wildcard mask, then don't try to understand them. Write it out, make up networks and subnet them, make 'm access lists from scratch. You will only need to do it a couple of times and it will make a lot more sense.
    LinkedIn - FaceBook
    · Share on FacebookShare on Twitter
Sign In or Register to comment.