Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Subnetting question for a wildcard that covers a bunch of slash 25s

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

Subnetting question for a wildcard that covers a bunch of slash 25s

L0 Member

Hi guys, 

 

I work for a retail company. We have a bunch of subnets in our different stores where the 3rd octect is a different odd number. Like so - 

10.218.1.0/25
10.218.3.0/25
10.218.5.0/25
...
10.219.253.0/25

 

I'm creating a security rule that will allow all these subnets to talk to a vendor. I'd rather not create an address for all these slash 25s, so I'm trying to figure out a wildcard mask I can use that covers all the networks I need. One guy told me to use 10.218.1.128/0.15.254.127 and another guy said 10.218.1.0/0.0.0.127 would work. I don't know much about subnetting but it doesn't seem like either of these are working in our firewalls. Anyone got any ideas?

Cheers

2 REPLIES 2

Cyber Elite
Cyber Elite

Hello, 

 

So to clarify you want an object containing all of 10.218.0.0-10.218.255.255? If so you could do a few different things:

 

IP Netmask (correction from the image, it would be /16): 

Claw4609_0-1711997473165.png

 

IP Range: 

Claw4609_1-1711997506531.png

 

Wildcard (correction from the image, it would be 0.0.255.255):

Claw4609_2-1711997532974.png

 

L5 Sessionator

Without writing it out in binary, I think 10.218.1.0 / 0.0.254.255 should cover it.

First 2 octets must match.

For an address to be odd, there needs to be a match in the final bit, meaning 0 in that spot in a wildcard mask. (Every other bit is a power of 2, so adding 1 to any other combination will make it odd)

Last octet doesn't have to match anything, so any host is permitted.

 

 

  • 951 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!