Home > Archive > CCNP > June 2001 > standard access-list question





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author standard access-list question
stoneli

2001-06-15, 10:37 pm

Which access list will deny traffic for the host 172.16.1.10?

A. access-list 1 deny 172.16.1.10
B. access-list 1 deny host 172.16.1.10

Any difference between A and B?
Terje

2001-06-16, 3:45 am

A is an incomplete command as it lacks the wildcard mask. The keyword "host" in B is another way of saying the wildcard mask is 0.0.0.0.

Terje
dmaftei

2001-06-16, 6:33 am

Terje's right on target, as usual. To add to his answer:

The general form of a standard access list is:

access-list number permit|deny source

number can be 1 through 99.

source can be one of the following:

  • ip-address mask
  • host ip-address
  • any (which is short for 0.0.0.0 255.255.255.255)

Here's a few examples, with the source part bolded:

  • access-list 1 deny 172.16.0.0 0.0.255.255
  • access-list 33 permit host 192.168.1.1
  • access-list 65 deny 0.0.0.0 255.255.255.255
  • access-list 99 permit any

Cheers!
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net