NEWBIE QUESTION

Status
Not open for further replies.

maczen

Instructor
Apr 12, 2008
1,016
US
I have no experience with PIX or ASA yet but I keep seeing these in ACL statements and am really curious what they are for..

access-list pixtosw extended permit ip 192.168.12.0 255.255.255.0 10.5.0.0 255.2

I am curious about the 255.2 in this statement.. in others I see 0.0

I know that I will eventually run across this in my studies but it is irking me.. LoL

B Haines
CCNA R&S, ETA FOI
 
Mac, Mac, Mac (shaking head slowly and sadly), you didn't notice the line wrapped in the output, so the statement you're asking about actually reads:

access-list pixtosw extended permit ip 192.168.12.0 255.255.255.0 10.5.0.0 255.255.255.0 ?

The thing to notice with access-list statements on PIX/ASA is they don't use wildcard masks in access-list statements. All masks are entered in regular dotted-decimal subnet mask format. There are some other slight differences in the syntax as well as how you actually apply the lists to interfaces.

Regarding the 0 0 notation: that is a way to annotate the default route of 0.0.0.0 0.0.0.0 in a static route. In other statements, 0 may indicate an unlimited number of embryonic TCP connections or fully established TCP or unlimited UDP. I don't know of a 0.0 entry though...I suspect a line wrapped again.

HTH
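
Added example, not part of the original posts: a small Python check for the two problems that come up in this thread, a mask field cut off by a wrapped terminal line and an IOS-style wildcard mask used where PIX/ASA expects a subnet mask. It assumes only the simple network/mask form shown above (no any/host/object keywords); the function names, the third sample line and the ACL name demo are constructed for illustration.

```python
import ipaddress
import re

# Simple form from the thread only (no any/host/object keywords):
# access-list NAME extended permit|deny PROTO SRC SRC_MASK DST DST_MASK
ACL_RE = re.compile(
    r"^access-list\s+(\S+)\s+extended\s+(?:permit|deny)\s+\S+\s+"
    r"\S+\s+(\S+)\s+\S+\s+(\S+)\s*$"
)

# First two lines are from the thread; the third (ACL name "demo") is constructed.
SAMPLE = """\
access-list pixtosw extended permit ip 192.168.12.0 255.255.255.0 10.5.0.0 255.2
access-list pixtosw extended permit ip 192.168.12.0 255.255.255.0 10.5.0.0 255.255.255.0
access-list demo extended permit ip 192.168.12.0 0.0.0.255 10.5.0.0 0.0.0.255
"""

def classify_mask(mask):
    """Return 'netmask', 'wildcard', 'truncated' or 'invalid' for a mask field."""
    parts = mask.split(".")
    if len(parts) < 4 and all(p.isdigit() for p in parts):
        return "truncated"  # e.g. '255.2' copied from a wrapped terminal line
    try:
        value = int(ipaddress.IPv4Address(mask))
    except ipaddress.AddressValueError:
        return "invalid"
    inverted = value ^ 0xFFFFFFFF
    # Subnet mask: contiguous ones then zeros, so the inverse is 2**n - 1.
    if inverted & (inverted + 1) == 0:
        return "netmask"
    # Wildcard mask: contiguous zeros then ones, so the value itself is 2**n - 1.
    if value & (value + 1) == 0:
        return "wildcard"
    return "invalid"

def audit(config_text):
    """Return (line_no, acl_name, field, mask, verdict) for every suspect mask."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        m = ACL_RE.match(line.strip())
        if not m:
            continue
        name, src_mask, dst_mask = m.groups()
        for field, mask in (("source", src_mask), ("destination", dst_mask)):
            verdict = classify_mask(mask)
            if verdict != "netmask":
                findings.append((line_no, name, field, mask, verdict))
    return findings
```

Calling audit(SAMPLE) flags the truncated 255.2 on the first line and both wildcard masks on the third, and passes the full statement on the second line.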
 
I see it now.. Thanks Clue.. I think I just need to unplug for a few.. LoL Thanks again!

B Haines
CCNA R&S, ETA FOI
 