12-01-2010, 11:55 PM
Router1#show ip access-lists
extended ip access list 100 - Extended access-list (fairly straight forward)
10 permit tcp 172.16.16.0 0.0.0.15 host 172.16.48.63 eq 22 The 0.0.0.15 wildcard mask means 255.255.255.240 subnet. To get the wildcard mask subtract 255.255.255.255 from the subnet mask. So 255.255.255.255 - 255.255.255.240 = 0.0.0.15
20 permit tcp 172.16.16.0 0.0.0.15 eq telnet host 171.16.48.63 same thing here
So your range covered by the wildcard mask is for 172.16.16.0 - 172.16.16.16
and
Router1(config)#int fa0/0
Router1(config-if)#ip access-group 100 in This line connects the interface (fa0/0) to the access-list 100
//what does the ip access-group 100 in do?//
extended ip access list 100 - Extended access-list (fairly straight forward)
10 permit tcp 172.16.16.0 0.0.0.15 host 172.16.48.63 eq 22 The 0.0.0.15 wildcard mask means 255.255.255.240 subnet. To get the wildcard mask subtract 255.255.255.255 from the subnet mask. So 255.255.255.255 - 255.255.255.240 = 0.0.0.15
20 permit tcp 172.16.16.0 0.0.0.15 eq telnet host 171.16.48.63 same thing here
So your range covered by the wildcard mask is for 172.16.16.0 - 172.16.16.16
and
Router1(config)#int fa0/0
Router1(config-if)#ip access-group 100 in This line connects the interface (fa0/0) to the access-list 100
//what does the ip access-group 100 in do?//