Hi guys,
Could any one give me advice on the following:
I have a range of addresses 192.168.1.1 - 192.168.1. 254
Is there a way i can block a ip addresses from the middle of this range?
For instance 192.168.1.50 to 192.168.1.100 access blocked but the rest of the addresses allowed?
Thanks for any help it is appreciated.
Andrew
Yes it is possible.
A number of access list entries (ACE's) would be required will different masks to cover the address space in question.
As usual, Merv is right on track.
Something like:
192.168.1.64 255.255.255.192would represent 192.168.1.64 thru 1.127.
Or 192.168.1.48 255.255.255.248 and 192.168.1.64 255.255.255.224
would collectively be 1.48 - 1.95.
You could get pretty close to 50-100 (perhaps exactly there if you used a bunch of really small networks), but it would take several masks as those numbers do not align with general subnetting (1, 2, 4,
8, 16, 32, 64, 128).
There used to be a neat little Cisco C program called masks.c (written by a Joel Bion, ISTR) which would work these things out for you. I think I've seen a web site that does the same thing but I can't remember where. A chart like this can help too. Yes, that's my chart; there are other very similar ones out there.
Sam
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.