Post Reply
User avatar
Name:DanielJoin In:Feb 21, 2019
[SOLVED] If the wildcard is written as a mask in the ACL configuration, it will be invalid.

Post by Daniel » Feb 1, 2019

I did a test because I forgot what caused the wildcard in the ACL to be written as a mask.

Tested on the pt simulator and wrote an ACL

Access-list 115 permit ip 192.168.1.0 255.255.255.0 any

Then sh comes out

Access-list 115 permit ip 0.0.0.0 255.255.255.0 any

Then add 115 to port in and then ping the port, nowhere.

Then write a note below

Access-list 115 permit ip any any

Then ping, pass.

Does this mean that when the wildcard is written as a mask, the configuration is considered incorrect and will fail.

Thus 115 actually has only one deny ip any any , so it does not work.


Reply

Post Reply