Professional Documents
Culture Documents
T&CApply
Home Knowledgebase Cisco Certified Network Associate (CCNA) Access Control List (ACL) - WildCard Masks
External
Tutorials Access Control List (ACL) - Wildcard Masks
Resources
Basic Networking Wildcard masks are used in Access Control Lists (ACL) to
TCP/IP identify (or filter) an individual host, a network, or a range IP
addresses in a network to permit or deny access .
IPv6
When using a wildcard mask, a 0 in a bit position means
CCNA
that the corresponding bit position in the address of the
CCNA Security Access Control Lists (ACL) statement must match the bit
Security position in the IP address in the examined packet. A "0" bit in
the wildcard mask means that corresponding part in the IP
Windows 2003
address should exactly match and "1" bit means that the
Windows 2008 corresponding part in IP address can be ignored. Some
examples of Access Control List (ACL) wildcard masks are
GNU/Linux
given below
172.16.0.12 0.0.0.0
http://www.omnisecu.com/ciscocertifiednetworkassociateccna/accesscontrollistaclwildcardmasks.php 1/5
4/9/2017 AccessControlList(ACL)WildcardMasks
host 172.16.0.12
172.16.0.0 0.0.255.255
The above example states that the values of only first two
octects should exactly match and the values of the last two
octets can be any. This statement can match all the IP
addresses of 172.16.0.0/16 network.
IP address - 10101100.00010000.00000000.00000000
Subnet Mask - 11111111.11111111.11111111.00000000
Wildcard Mask - 00000000.00000000.00000000.11111111
172.16.0.0 0.0.0.255
http://www.omnisecu.com/ciscocertifiednetworkassociateccna/accesscontrollistaclwildcardmasks.php 2/5
4/9/2017 AccessControlList(ACL)WildcardMasks
IP address - 172.16.240.0
Subnet Mask - 255.255.240.0
Wildcard Mask -0.0.15.255
JajishThomas on
http://www.omnisecu.com/ciscocertifiednetworkassociateccna/accesscontrollistaclwildcardmasks.php 3/5