ACL help

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I am trying to get my head around ACL's and I am getting stuck with wildcard masking.

I have no problems with wildcard masks until I hit a problem where a network has been subnetted and bits have been borrowed.

For example I am trying to write an ACL to permit traffic to the following network via ports 80 & 21: 172.16.32.0/20

If this was a /16 network I would write my ACL like this, which I think would be correct:

access-list 101 permit any 172.16.32.0 0.0.255.255 eq 80
access-list 101 permit any 172.16.32.0 0.0.255.255 eq 21

The problem I’m having is working out how I would do the same for a /20 network or any other subnetted network.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I believe the /20 equates to a subnet of:

255.255.240.0

If i'm wrong someone will be here shortly to put me right.

 

yeah that's right, however how do i relate this to the wildcard mask for the ACL?

 

access-list 101 permit any 172.16.32.0 0.0.15.255 eq 80

http://www.cisco.com/en/US/products...oducts_tech_note09186a00800a5b9a.shtml#topic2

 

Paulcraig1979,

Can you "think in binary" for subnetting?

 

ah think i may have cracked it. I am using 0.0.15.255

 

uhm... isn't that what i said more than a week ago?
or are you saying that 0.0.15.255 isn't working?

 

yeah you did sorry, i have only just got round to replying. Thanks.