Access how would I write this out access list

I was wondering could someone show me how you would write an access list to stop any ip under the ip address please not this would be a class c address 192.168.3.127 from taking to another network for example 192.168.70.0.

Then let anyone greater than 192.168.3.127 access ftp to 192.168.70.0

Any help would be great I have been able to write other access list just not sure how you write one to stay if an ip address is under this do that etc

Find more posts tagged with

Comments

Neeko

Assuming the destination is a class C subnet...

deny ip 192.168.3.0 0.0.0.127 192.168.70.0 0.0.0.255

permit tcp 192.168.3.128 0.0.0.127 192.168.70.0 0.0.0.255 eq ftp

Consider that the deny or permit statement at the end of the list will mean one of the two entries may not be necessary.

thomas130

Don't I need a statement saying if lt is less than 192.168.3.127 I believe it's lt for less than

Neeko

192.168.3.0 0.0.0.127 means IP addresses 192.168.3.1 - 192.168.3.127, which is what the first statement outlines.

Do you mean you do not want .127 included, so just 126 and below? If so I think you may need to do some reading on wildcard masks because its not as simple as just saying 'less than 127'.

billscott92787

Neeko posted the correct statement to imply what exactly you were saying. The 192.168.3.0 0.0.0.127 denies any ip from 192.168.3.1 - 192.168.3.127, the next statement permits anything from .128 - .255