C
ONFIGURING
THE
S
WITCH
3-80
• Subnet Mask – A subnet mask containing four integers from 0 to 255,
each separated by a period. The mask uses 1 bits to indicate “match”
and 0 bits to indicate “ignore.” The mask is bitwise ANDed with the
specified source IP address, and compared with the address for each
IP packet entering the port(s) to which this ACL has been assigned.
Web – Specify the action (i.e., Permit or Deny). Select the address type
(Any, Host, or IP). If you select “Host,” enter a specific address. If you
select “IP,” enter a subnet address and the mask for an address range. Then
click Add.
Figure 3-36 ACL Configuration - Standard IP
CLI – This example configures one permit rule for the specific address
10.1.1.21 and another rule for the address range 168.92.16.x – 168.92.31.x
using a bitmask.
Console(config-std-acl)#permit host 10.1.1.21 4-120
Console(config-std-acl)#permit 168.92.16.0 255.255.240.0
Console(config-std-acl)#