|
Home > Archive > CCNA > August 2000 > Access- List
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
|
| Can any one tell me useing an access list how to block only the even number ip addresses to a router and allow the odd number ip addresses | |
|
| I don't think you can. Why would you want to do this apart from the "Because I can" ???
All you can do is block addresses, subnets or entire ranges. | |
|
| Spanky
The reason I want to do this is because the is part of the lab test in Sem 3-4 of the Cisco Acadamy program | |
|
| Yes you can. This was part of my final Lab at the Cisco Network Academy. These kind of Access Lists are not easy and would be difficult to explain here. Of course everything is easy when u know it, lol.
I would very much doubt that Cisco would have
such an Access List on the Exam. Most people
would miss it.
For myself, if I did see one on the exam, I'd have to decide wether to just guess or not...
depending on when it showed up in the test or
how much time I had left, because u could use a lot of time and still get it wrong.
| |
|
| Spanky, I also would not stress to hard about
it. Very few if any in your class will get that part of the lab right. Only one in our class did. I suggest that u make sure your Teacher makes sure you know how to do them, demand it. These kind of lists are hardest part of the Academy and you just have to do them over and over until u get it. My Instuctor wasn't the greatest at explaining it. He could do them sure enough. A friend and I spent an afternoon on them and found a way to understand them on our own. | |
|
|
|
| Guys,
Even and odd in Binary is determined by the right-most bit. By definition, an eight-bit binary number ending in 1 is odd, anything ending in 0 is even.
Use a wildcard mask with 254 in the fourth octet (x.x.x.254) to tell the router to match only the rightmost bit.
For example:
access-list 100 tcp permit 0.0.0.1 255.255.255.254
or
access-list 100 tcp permit 25.42.152.1 0.0.0.254
Will limit access only to odd numbered ip addresses. The difference here is that in the first example, ALL odd numbered IP addresses are allowed. In the second one, only odd numbered IP addresses in given subnet are permitted access.
Remember, there is an implicit deny at the end of every access list. Anything not specifically permitted will be denied.
To limit access only to even numbered IP addresses, replace the x.x.x.1 with x.x.x.0. In reality, any even or odd number will do, because you are using a 254 wildcard mask; the router will only look at the rightmost bit anyway.
Does this make sense?
Skip | |
|
| Going out on a limb, but this was the answer to my lab Jerry!
Network-156.1.0.0 Mask-255.255.255.192
access-list 100 deny tcp 156.1.0.194 0.0.0.62
host 156.1.0.193 eq 23
access-list 100 permit ip any any
inter e0
ip access-group 100 in |
|
|
|
|