ACL issues
mguy
Member Posts: 167 ■■■□□□□□□□
in CCNA & CCENT
I'm creating a dynamic nat from a pool but my packets are not being translated? It must be something to do with my wildcard bc it works when I change it
My (3workstations) network resides in 192.16.1.0 /25 so it means Range[192.16.1.1-192.16.1.127]
sh run
!
ip nat pool mypool 1.1.1.1 1.1.1.3 netmask 255.255.255.252
ip nat inside source list 1 pool mypool
!
access-list 1 permit 192.16.1.0 0.0.0.128
does not work
but if I change the last bit to
access-list 1 permit 192.16.1.0 0.0.0.255
then it works..! What's going on ?
My (3workstations) network resides in 192.16.1.0 /25 so it means Range[192.16.1.1-192.16.1.127]
sh run
!
ip nat pool mypool 1.1.1.1 1.1.1.3 netmask 255.255.255.252
ip nat inside source list 1 pool mypool
!
access-list 1 permit 192.16.1.0 0.0.0.128
does not work
but if I change the last bit to
access-list 1 permit 192.16.1.0 0.0.0.255
then it works..! What's going on ?
Comments
-
elderkai
Member Posts: 279
Because the wildcard is wrong. It should be 0.0.0.127. That one bit is the difference between everything on the network translating and everything not. You get 127 from 255.255.255.255 subtracted by 255.255.255.128 which equals 0.0.0.127. Hopefully that made sense?
-
sizeon
Member Posts: 321
suppose to be 0.0.0.127. Basically you have a block size of 128 and subtract one from it. For example, 0.0.0.63 is equal to a block size of 64. -
dirtyonekanobi
Member Posts: 5 ■□□□□□□□□□
Wow, never knew that method. Thanks for the post Sizeon. I was always used to the subtract from 255.... method.
