configure the Access-list

15 years 4 months ago #30888 by lav_plsb1
Hi,

Router with 4 lan connections and wan connection to the internet
4 LANs (e0, e1, e2, e3) - each of the LANs is connected to a single host's IP address
e0- 172.16.144.17/19
e1-172.16.50.173/20
e2-172.16.198.94/18
e4-172.16.92.10/21

Below is the access list that will stop access from each of the four LANs, i.e. equal to a shutdown to the internet
router(config)#access-list 1 deny 172.16.128.0 0.0.31.255
router(config)#access-list 1 deny 172.16.48.0 0.0.15.255
router(config)#access-list 1 deny 172.16.192.0 0.0.63.255
router(config)#access-list 1 deny 172.16.88.0 0.0.7.255
router(config)#access-list 1 permit any
router(config)#interface serial 0
router(config-if)#ip access-group 1 out

Could you please explain the address range and how it calculates the number of hosts to deny?

Thanks,
15 years 4 months ago #30914 by Losh
Replied by Losh on topic Re: configure the Access-list
When adding an access-list permit or deny statement you have to specify a host or range of hosts just like you've done.

Let's take an example of the first deny statement:

router(config)#access-list 1 deny 172.16.128.0 0.0.31.255

The last portion 0.0.31.255 is called a wildcard mask. It's the inverse of the subnet mask 255.255.224.0.

It's simply calculated by subtracting 255.255.224.2 from 255.255.255.255.

Therefore the range of hosts specified by this mask is:
172.16.128.1 to 172.16.159.254

This is because there are 19 network bits and 13 host bits which give you a total of 8190 usable hosts.

~ Networking :- Just when u think its starting to make sense......... ~
____________________________________________
CCNA, CCNP, CCNA Security, JNCIA, APDS, CISA
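
The wildcard-mask arithmetic discussed in this thread, worked for all four interface addresses from the question and checked with first-match evaluation (an added example, not part of the original posts; the function names and the sample source addresses are illustrative assumptions):

```python
import ipaddress

# Interface addresses as given in the question.
LAN_HOSTS = ["172.16.144.17/19", "172.16.50.173/20",
             "172.16.198.94/18", "172.16.92.10/21"]

def acl_fields(host_cidr):
    """Network, wildcard mask and host range covered by one interface's subnet."""
    net = ipaddress.ip_interface(host_cidr).network
    return {
        "network": str(net.network_address),
        "wildcard": str(net.hostmask),  # 255.255.255.255 minus the subnet mask
        "first": str(net.network_address + 1),
        "last": str(net.broadcast_address - 1),
        "usable": net.num_addresses - 2,  # network and broadcast excluded
    }

def wildcard_match(addr, base, wildcard):
    """A 1 bit in the wildcard means 'ignore this bit'; 0 bits must be equal."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def build_acl(hosts):
    """Deny entry per LAN subnet, then 'permit any' (0.0.0.0 255.255.255.255)."""
    acl = [("deny", f["network"], f["wildcard"]) for f in map(acl_fields, hosts)]
    return acl + [("permit", "0.0.0.0", "255.255.255.255")]

def evaluate(acl, source):
    """First matching entry wins; a standard ACL ends with an implicit deny."""
    for action, base, wildcard in acl:
        if wildcard_match(source, base, wildcard):
            return action
    return "deny"

if __name__ == "__main__":
    acl = build_acl(LAN_HOSTS)
    for host in LAN_HOSTS:
        f = acl_fields(host)
        print(f"access-list 1 deny {f['network']} {f['wildcard']}  "
              f"# {f['first']} to {f['last']}, {f['usable']} usable hosts")
    # Constructed sample sources: two inside the /19, one just outside it.
    for src in ("172.16.144.17", "172.16.159.254", "172.16.160.1"):
        print(src, "->", evaluate(acl, src))
```
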
15 years 4 months ago #30916 by lav_plsb1
Thanks for your reply