From the course: Cisco CCNA (200-301) Cert Prep: 3 Security, Automation, and Programmability

ACL wildcard masks

- ACLs utilize wildcard masks to specify groups of IPs or groups of subnets. Keep in mind, this isn't a subnet mask and, in fact, it is written as something of the opposite of a subnet mask. A wildcard mask is represented in octets, like a subnet mask, but zero equals exact match and 255 equals any match. So this will match 100.64.0, basically the slash 24. This will match the slash 16, 100.64, while this matches the slash eight, 100. Another way of looking at it is 255 means ignore this portion of the octet. I'll use this diagram as an example. The first rule was covered in the previous chapter: config t, access list one, permit host 100.64.0.2. Rule two blocks 100.64.0.0 slash 24 with the command access list one, deny 100.64.0.0 0.0.0.255. The third rule allows anything sourced from 100.64 slash 16 with access list one, permit 100.64.0.0 0.0.255.255. Wildcard masks don't always fall on even octet boundaries, though there are a few easy ways to calculate what it should be. The simplest way…
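The three rules described above can be checked bit by bit with a short script. This is an added example, not part of the course material: the function names and the sample source addresses are constructed, and it assumes standard IOS behaviour (rules evaluated top-down, first match wins, implicit deny at the end). The `wildcard_from_prefix` helper goes beyond the transcript by covering prefix lengths that fall off octet boundaries, using the inverse-of-subnet-mask relation.

```python
import ipaddress


def ip_to_int(addr: str) -> int:
    """Dotted-quad IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True when addr equals base in every bit where the wildcard bit is 0."""
    care = ~ip_to_int(wildcard) & 0xFFFFFFFF  # 1-bits are the bits that must match
    return (ip_to_int(addr) & care) == (ip_to_int(base) & care)


def wildcard_from_prefix(prefix_len: int) -> str:
    """Wildcard mask for a prefix length: the bitwise inverse of the subnet mask."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return str(ipaddress.IPv4Address((1 << (32 - prefix_len)) - 1))


# Access list 1 from the transcript, in order: (action, base address, wildcard).
# The "host" keyword is equivalent to a wildcard of 0.0.0.0 (every bit must match).
ACL_1 = [
    ("permit", "100.64.0.2", "0.0.0.0"),      # permit host 100.64.0.2
    ("deny",   "100.64.0.0", "0.0.0.255"),    # deny the /24
    ("permit", "100.64.0.0", "0.0.255.255"),  # permit the /16
]


def evaluate(acl, source: str) -> str:
    """Return the action of the first matching rule, or the implicit deny."""
    for action, base, wildcard in acl:
        if wildcard_match(source, base, wildcard):
            return action
    return "deny"  # implicit deny: no rule matched


if __name__ == "__main__":
    # Constructed sample sources: the host, the /24, the wider /16, outside all rules.
    for src in ("100.64.0.2", "100.64.0.77", "100.64.5.9", "100.65.0.1"):
        print(f"{src:<12} -> {evaluate(ACL_1, src)}")
    # A prefix that does not fall on an octet boundary.
    print("/27 wildcard:", wildcard_from_prefix(27))
```

Rule order matters here: swapping the first two rules would deny 100.64.0.2, because the /24 deny would match before the host permit is reached.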
